Compatible with DokuWiki
External requirements: This plugin requires the oAuth Plugin.
Install the plugin using the Extension Manager. Refer to Plugins on how to install plugins manually.
Create a new Application in your Azure account, then configure:
Application (client) ID
, de Anwendungs-ID (Client)
)Value
NOT Secret ID
, de Wert
NICHT Geheime ID
) Directory (tenant) ID
, de Verzeichnis-ID (Mandant)
)
By default, the plugin will map roles found in the JWT auth token to groups. If you want to use the user's real groups in ACLs you need to enable the fetchgroups
config. The plugin will request two additional permissions on top of the usual oAuth scopes: User.Read
and GroupMember.Read.All
.
Assign the group “azure” to the users, then you can log in directly with it.
For further setup see oauth page.
All users authorized by this plugin are added to automatic azure
group by oauth. You can use this in your ACL configuration.
The code has been originally based on the oauthkeycloak plugin.