topic External Authentication using OIDC/SAML ? in Alfresco Forum https://connect.hyland.com/t5/alfresco-forum/external-authentication-using-oidc-saml/m-p/486646#M39839 <P>Looking at the documentation, external authentication support seems limited.<BR /><BR />cf. <A href="https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Administer/Manage-Security/Authentication-and-sync/Configure-authentication-subsystems/Configure-external-authentication/External-authentication-and-SSO" target="_blank" rel="noopener">https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Administer/Manage-Security/Authentication-and-sync/Configure-authentication-subsystems/Configure-external-authentication/External-authentication-and-SSO</A></P><P>AFAIU, only the CAS protocol is supported.<BR /><BR />In our organization we have a central Identity Provider that offers OIDC and SAML protocol.<BR />Is it possible to configure ACS to authenticate using one of these protocols?<BR /><BR />If not, is it on a roadmap somewhere?<BR /><BR />It seems though that SAML is used with an internal Keycloak that, apparently MUST be based on a LDAP backend. AFAICS, it enables an SSO between Alfresco internal components, so that you login once and can access ACS, AS and more.<BR /><BR />It's hard to understand what would be the general architecture when using an external authentication, without LDAP. How do the different Alfresco components work with the supported CAS external authentication ?</P> Fri, 31 Jan 2025 10:51:51 GMT jeans 2025-01-31T10:51:51Z External Authentication using OIDC/SAML ? https://connect.hyland.com/t5/alfresco-forum/external-authentication-using-oidc-saml/m-p/486646#M39839 <P>Looking at the documentation, external authentication support seems limited.<BR /><BR />cf. <A href="https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Administer/Manage-Security/Authentication-and-sync/Configure-authentication-subsystems/Configure-external-authentication/External-authentication-and-SSO" target="_blank" rel="noopener">https://support.hyland.com/r/Alfresco/Alfresco-Content-Services/23.4/Alfresco-Content-Services/Administer/Manage-Security/Authentication-and-sync/Configure-authentication-subsystems/Configure-external-authentication/External-authentication-and-SSO</A></P><P>AFAIU, only the CAS protocol is supported.<BR /><BR />In our organization we have a central Identity Provider that offers OIDC and SAML protocol.<BR />Is it possible to configure ACS to authenticate using one of these protocols?<BR /><BR />If not, is it on a roadmap somewhere?<BR /><BR />It seems though that SAML is used with an internal Keycloak that, apparently MUST be based on a LDAP backend. AFAICS, it enables an SSO between Alfresco internal components, so that you login once and can access ACS, AS and more.<BR /><BR />It's hard to understand what would be the general architecture when using an external authentication, without LDAP. How do the different Alfresco components work with the supported CAS external authentication ?</P> Fri, 31 Jan 2025 10:51:51 GMT https://connect.hyland.com/t5/alfresco-forum/external-authentication-using-oidc-saml/m-p/486646#M39839 jeans 2025-01-31T10:51:51Z