Top Menu

Jump to content
Home
    Modules
      • Projects
      • Activity
      • Work packages
      • Gantt charts
      • Calendars
      • Team planners
      • Boards
      • News
    • Getting started
    • Introduction video
      Welcome to OpenProject Community
      Get a quick overview of project management and team collaboration with OpenProject. You can restart this video from the help menu.
    • Help and support
    • Upgrade to Enterprise edition
    • User guides
    • Videos
    • Shortcuts
    • Community forum
    • Enterprise support
    • Additional resources
    • Data privacy and security policy
    • Digital accessibility (DE)
    • OpenProject website
    • Security alerts / Newsletter
    • OpenProject blog
    • Release notes
    • Report a bug
    • Development roadmap
    • Add and edit translations
    • API documentation
  • Sign in
      Forgot your password?

      or sign in with your existing account

      OpenProject ID Google

Side Menu

  • Overview
  • Activity
    Activity
  • Roadmap
  • Work packages
    Work packages
  • Gantt charts
    Gantt charts
  • Boards
    Boards
  • Wiki
    Wiki

Content

Updated by Jan Sandbrink 4 months ago

**As** an administrator setting up the OpenProject-Nextcloud integration setting up the OpenProject side
**I want to** have a second option to use OIDC based access tokens instead of OAuth2 access tokens when I also use and IDP like Keycloak for single sign on (SSO)
**so that** not each user needs to got through the OAuth grant flow.

**Acceptance criteria**

* In the files storages settings for Nextcloud, the first form fom is extended with a select box "Authentication method" with the options

* "Two-way OAuth2 authorization code flow" (default)

* "Common OpenID Connect Identity Provider"

* If the admin chooses "OAuth2" then step 2 will be "OAuth applications" with the sub-steps "OpenProject OAuth" and "Nextcloud OAuth" as we currently have them

* If the admin chooses "OIDC" then step 2 will be a new form "OpenID Connect"

* It tells that the setup was only successfully tested with Keycloak and not with other OIDC providers.

* It tells to follow the setup instructions in the docs on how to configure OIDC in OpenProject and how to configure the OIDC provider and offers a link to the correct OpenProject docs.

* (?) The admin is required to select an OIDC provider. (dropdown).

* The admin must enter the OIDC client ID of Nextcloud (text input)

* The save button should be labeled as "Save & continue" (leading to the existing step 3 "Project folders")


**Figma**

workPackageValue:"Figma wireframes"

**QA Notes**

The followup features ##61532 and ##61623 already change the UI implemented here. The former adds a third option for the authentication method, but should otherwise not harm testability. The latter changes the UI to configure the Client ID of Nextcloud and adds some additional radio buttons there.

Back

Loading...