Tarek

Hi, I want to make SSO login with identity access managment tool , its possible to do this with Rest Api ? for example within /intranet-rest/auto-login , so I create a new package and in my login.tcl , I have redirect link to iam tool there I put my credentials and then I receive an access token So what do you think how should I redirect the token to PO and how to validate it ? is there special endpoint that receive a token? Its possbile to decode the token and take for example the email or username...

Hi Frank , I have question reagrding my SSO implementation, I create my own package that handle the received token from my oidc client, the structure of packages folder and the tcl code its similar to https://github.com/openacs/auth-cas ,the only difference is in my procs.tcl i add a piece of code that decode the token and validate it so my package already installed I can see my new authority. My Problem now that I received the token in the url of my po timesheet instance but Nothing happen from...

Hi Frank, do you think that i need to add new application under the admin/application or normally when I install my package I will be able to see my Authentication in the list of authentication field ? Do I you missing something? Thanks, Tarek

Hi Frank, thanks for the info. I installed correctly and Iam able to see my package in package manager, I create new authority sso ,but the problem in the Authentication tab Iam not able to see my auth. I only see local and Ldap. I was curious why and I checked in error log because I thought is syntx error in my sso-procs.tcl but there are no errors . Do you know why I cant see my auth? thanks Frank and have a nice weekend. best regards,

Hi Frank, Thanks for your response. JavaScript because we are doing this just for testing. As I understand from your feedback , I need to decode the token and take the user information , for example in that token user inc the email address , with the email address I check if the user in timesheet exist , then I create session for that user, right ? my last questions: for the login I need to create new package , I need to create a tcl file that redirect to my oidc client and the another tcl file that...

Hi Frank, thank you very much for your response, for the moment we are doing just investigation on how to do it, If we need your help I will let you know. I was looking in Openacs.org there are no openid packae availbe. Another Question Please, we implement a openid client (node js app) and using the library of nodejs openid-client , we try to login to timesheet and riderect to openid provider and then we receive the access token inkl (name, username) from the openID Provider and than the Openid...

<meta http-equiv="Content-Type" content="text/html; charset=utf-8"><meta name="Generator" content="Microsoft Word 15 (filtered medium)"><style><!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0cm; font-size:11.0pt; font-family:"Calibri",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;}...