Content
View differences
Updated by Nabin Ale about 1 year ago
It is possible to use Nextcloud as IDP for Openproject. The integration OIDC auth method should work with the Keycloak as IDP (open-desk) as well as Nextcloud as IDP (nextcloud-hub) (From [https://community.openproject.org/meetings/4240#item-9472)](https://community.openproject.org/meetings/4240#item-9472\))
Currently, we have been developing and testing the OIDC auth method feature with the Keycloak IDP. The feature should also be compatible with Nextcloud IDP.
<br>
Setting up Nextcloud as IDP:
* [https://github.com/H2CK/oidc](https://github.com/H2CK/oidc) (Also see: [https://github.com/H2CK/oidc/pull/515](https://github.com/H2CK/oidc/pull/515))
## Steps:
**Make Nextcloud an IDP**
1\. Install odic app
2\. Go to Administation -> Security
3\. Under "OpenID Connect clients" section:
- Add a client name (**not an identifier**)
- \- Add a redirect URL (`https://openproject.local/auth/oidc-<idp-displayname-from-OP>/callback`: see OP setup below)
- \- Save
- \- Note **Client ID** and **Client secret**
4\. Create a new user: username, displayname, password, and email
**Enable user\_oidc configs**
`php occ config:system:set user_oidc --type boolean --value="true" oidc_provider_token_generation`
`php occ config:system:set user_oidc --type boolean --value="true" oidc_provider_bearer_validation`
**Add Nextcloud as an IDP in OpenProject**
1\. Go to Administration -> Authentication
2\. Add a custom OpenID provider:
* \- Display name: `nextcloud` (use this name as redirect URL in Nextcloud: `<idp-displayname-from-OP>`)
*
\- Discovery URL: `https://nextcloud.local/index.php/.well-known/openid-configuration`
*
\- Client ID: `client-id` from Nextcloud
*
\- Client secret: `client-secret` from Nextcloud
*
\- Finish setup
3\. Login to openproject with created nextcloud user.
Currently, we have been developing and testing the OIDC auth method feature with the Keycloak IDP. The feature should also be compatible with Nextcloud IDP.
<br>
Setting up Nextcloud as IDP:
* [https://github.com/H2CK/oidc](https://github.com/H2CK/oidc) (Also see: [https://github.com/H2CK/oidc/pull/515](https://github.com/H2CK/oidc/pull/515))
## Steps:
**Make Nextcloud an IDP**
1\. Install odic app
2\. Go to Administation -> Security
3\. Under "OpenID Connect clients" section:
- Add a client name (**not an identifier**)
-
-
-
4\. Create a new user: username, displayname, password, and email
**Enable user\_oidc configs**
`php occ config:system:set user_oidc --type boolean --value="true" oidc_provider_token_generation`
`php occ config:system:set user_oidc --type boolean --value="true" oidc_provider_bearer_validation`
**Add Nextcloud as an IDP in OpenProject**
1\. Go to Administration -> Authentication
2\. Add a custom OpenID provider:
*
*
\-
*
\-
*
\-
*
\-
3\. Login to openproject with created nextcloud user.