Document Identity Management in an own section #535

Open
5 tasks
mmattel opened this issue Jun 13, 2023 · 3 comments

mmattel commented Jun 13, 2023

As discussed with @rhafer
Should be done with higher prio as many things depend on that info.

Complexity: 5

Topics

  • Users and Groups
  • Authentication
  • Internal only
  • External only
  • Combinations of both

mmattel commented Jun 15, 2023

I have the feeling that #518 can be part of this...

micbar commented Jun 27, 2023

@rhafer Did you have some special topics in mind?

IMO "Identity Management" is a very broad topic. We need to identify actionable items which can be improved.

rhafer commented Jun 27, 2023

  • I guess we need some form of overview, i.e. how the different services (idm, idp, graph, users, groups) interact with each other
  • document the restrictions of the builtin IDP and IDM services
  • We need some better documentation about how to integrate with existing directories (for replacing the idm) and OpenID Connect Providers (for replacing the IDP). Especially what requirements we have on those external services and what options exist (e.g. how to pick a proper LDAP attribute for the userid, or what requirements we have for the OIDC base roles assignment, how to properly set up backchannel logout). BTW, I am NOT looking for a detailed step by step guide for specific IDPs or LDAP implementations here, just generic information to help folks with whatever thing they want to connect to.
  • we need more documentation about the user-management capabilities of the graph API (i.e. if you want to manage users and groups through our WebUI, we have some pretty specific requirements on the used LDAP schema).
