Page 1 of 1

SSO web authentication process

Posted: Fri Apr 29, 2022 8:49 am
by atoy40
Hello,

we're implementing SSO authentication by using the new 2.5 feature (client pending + WEB_AUTH) but this is not very well documented.
First,: it seems impossible to configure a profile without username and password (username is mandatory when saving the profile), but by definition, there is no login/pass to setup in the client when using SSO, because they'll be provided trough the SSO login form. Any workarround ? (i"'ve seen in the viscosity client an option to disable login/passwd per profile)
then, on the webview itself laaunched by openvpn connect, is there anything to do, when auth process is done, to close the webview and returns to the client UI ? may be trought a window.postMessage handled by openvpn connect ?

thanks
Anthony.

Re: SSO web authentication process

Posted: Mon Aug 01, 2022 4:39 pm
by mkrauser
Hey atoy40,

I'm also trying to implement SSO with OpenVPN. Can you share details of your config?
What to do within the web-view is described here:

https://github.com/OpenVPN/openvpn3/blo ... webauth.md

But I did not even manage to open the web-view correctly. I'm sending the WEBAUTH-Response, but so far the client does not open the url.

/Matthias