Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum
Apps | Demo | Docs | Install

Enable LDAP and Cloudron SSO After App is Installed

Scheduled Pinned Locked Moved Feature Requests
7 Posts 5 Posters 230 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • brianbB Offline
    brianbB Offline
    brianb
    wrote on last edited by
    #1

    I skipped opting for SSO when installing apps. According to the Cloudron Docs in Users & Groups section you need to select SSO at the time of app installation.

    Assuming an app support LDAP. Is it possible to add LDAP support (Cloudron SSO) to an app after it is installed?

    robiR 1 Reply Last reply
    1
  • robiR Offline
    robiR Offline
    robi
    replied to brianb on last edited by
    #2

    @briankb-0 It's best to install a new app with SSO enabled and migrate the data.

    Life of sky tech

    1 Reply Last reply
    1
  • nebulonN Offline
    nebulonN Offline
    nebulon Staff
    wrote on last edited by
    #3

    This has long been on our tasklist. Essentially there is no technical reason why the LDAP/SSO feature could not be enabled/disabled after installation. The main blocking point is that we are not really comfortable currently with how apps behave. Some might purge user-data if users go away which may result in dataloss.

    girishG 1 Reply Last reply
    2
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to nebulon on last edited by
    #4

    @nebulon said in Enable LDAP and Cloudron SSO After App is Installed:

    Essentially there is no technical reason why the LDAP/SSO feature

    There's many variation in app support:

    • What happens to existing users? I think it will be hard for us to write user migration docs for each app (because I have often seen one has to straight up edit the database).

    • Many apps do not support multiple auth providers. So, if you switch to LDAP or viceversa, you cannot login with your previous users anymore (to migrate data).

    L 1 Reply Last reply
    2
  • girishG girish moved this topic from Support on
  • L Online
    L Online
    lukas
    replied to girish on last edited by
    #5

    @girish I hope I am in the right place with my question:

    Is it possible for Cloudron users to automatically log in to the installed apps via SSO?

    girishG 2 Replies Last reply
    0
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to lukas on last edited by girish
    #6

    @lukas With LDAP based sign on, automatic login is not possible (just not possible technically). In 7.4, we have made Cloudron an OIDC provider. You can create OIDC secrets from the dashboard and integrate it into apps yourself. OIDC supports automatic login.

    The next step for us is to evaluate how good/bad the integration is across apps and integrate them into app packages (just like we do for LDAP). So far, we have evaluated a bunch of app and the results are promising! But there are also some quirks - for example, the nextcloud OIDC integration always prefixes the username. This means that your username on nextcloud is cloudron-lukas , for example. But in the long run, if OIDC works well, we will switch over completely. I expect this to take a good 3-4 months at the minimum.

    1 Reply Last reply
    2
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    replied to lukas on last edited by
    #7

    @lukas Forgot to link to the docs - https://docs.cloudron.io/user-management/#openid-connect

    1 Reply Last reply
    2

  • Login
  • Don't have an account? Register
  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks