Azure Service for use with the oAuth Plugin
Table of Contents
oauthazure Plugin
Compatible with DokuWiki
- 2024-02-06 "Kaos" yes
- 2023-04-04 "Jack Jackrum" yes
- 2022-07-31 "Igor" yes
- 2020-07-29 "Hogfather" yes
Installation
External requirements: This plugin requires the oAuth Plugin.
Install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually.
Configuration
Create a new Application in your Azure account, then configure:
- client ID (
Application (client) ID, deAnwendungs-ID (Client)) - client secret (
ValueNOTSecret ID, deWertNICHTGeheime ID) - tenant (
Directory (tenant) ID, deVerzeichnis-ID (Mandant))
By default, the plugin will map roles found in the JWT auth token to groups. If you want to use the user's real groups in ACLs you need to enable the fetchgroups config. The plugin will request two additional permissions on top of the usual oAuth scopes: User.Read and GroupMember.Read.All.
Assign the group “azure” to the users, then you can log in directly with it.
For further setup see oauth page.
All users authorized by this plugin are added to automatic azure group by oauth. You can use this in your ACL configuration.
Development
Acknowledgements
The code has been originally based on the oauthkeycloak plugin.
Change Log
- Version upped (2023-06-12 23:51)
- Merge pull request #2 from glensc/strip-domain (2023-06-12 18:31)
- Strip domain if stripdomain config is enabled (2023-04-20 18:49)
- Add stripdomain config option (2023-04-20 18:48)
- also use the profile scope (2022-10-11 15:51)
- upped version (2022-10-11 15:45)
- rewrite for Azure (2022-10-11 15:36)
- Version upped (2022-03-17 15:56)