Enterprise Licenses Only
#
This plugin allows you to delegate access of OAuth providers. On the CrushFTP's login page next to the login button will appear the enabled provider's "Signed in" button".Currently Google Sign-In, Microsoft Sign-In, Azure Active Directory B2C Sign in and Amazon Cognito Sign in are supported.
1. Google Sign-In
#
See Google Sign in Configuration
2. Microsoft Sign-In
#
See Microsoft Sign in Configuration
3. Azure Active Directory B2C
#
See Azure Active Directory B2C Configuration
4. Amazon Cognito
#
About Amazon Cognito : https://aws.amazon.com/cognito/
Create (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) or use one of your existing Amazon Cognito user pool: https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html
Create or configure app client of the user pool (https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-client-apps.html).
App type : Select Confidential client.
Enable Generate client secret.
Allowed callback URLs: https://your.CrushFTP.domain.com/WebInterface/login.html
OAuth 2.0 grant types : Authorization code grant
OpenID Connect scopes : OpenID
Go to the Preferences-> Ip/Servers and select the HTTP or HTTPS port item(OAuth Sign in Tab) where you want to enable the Amazon Cognito Sing-In button. Check the "Enable Amazon Cognito Sign in" flag.
Required info from App client of the User Pool : Client ID and Client Secret.
Required info from User Pool :
Cognito Domain Prefix: It is part of the Cognito domain (Amazon console -> Amazon Cognito -> User Pools -> User poll -> App integration tab). It also contains the region of the User Pool.
Like:
[domain_name].auth.[amazon region]
User pool ID
Configure the CrushOAuth plugin and enable the flag: Enable Amazon Cognito Auth.
5. Plugin Settings
#
1. Username matching -> It filters the OAuth user name (Google Auth: email address, Microsoft Auth: user principle name). You can put multiple value separated by comma. Domain filter is allowed to (like *mydomain.com).
2. Allowed authentication types
3. OAuth only used for Authentication (User manager then defines user's access.) -> If the users already exists with username of the OAuth, you can use the plugin just for authentication.
4. Template Username -> The signed in user inherits no just the settings, but the VFS items too (as Linked VFS).
Import settings from CrushFTP user -> The signed in user inherits just the settings from this user. It must have a value! Default value would be : default -> the default user of CrushFTP
5. VFS related settings : You can also assign a VFS item for the signed in user.
Add new attachment
List of attachments
Kind | Attachment Name | Size | Version | Date Modified | Author | Change note |
---|---|---|---|---|---|---|
png |
app_reg_auth_config.png | 160.8 kB | 1 | 11-Feb-2022 03:18 | krivacsz | |
png |
app_reg_config.png | 173.1 kB | 1 | 11-Feb-2022 03:10 | krivacsz | |
png |
b2c_azure_settings.png | 184.4 kB | 1 | 13-Jul-2022 05:39 | krivacsz | |
png |
b2c_client_id.png | 127.2 kB | 1 | 13-Jul-2022 06:01 | krivacsz | |
png |
b2c_id_token.png | 207.0 kB | 1 | 13-Jul-2022 05:49 | krivacsz | |
png |
cognito_client_id_secret.png | 66.4 kB | 2 | 21-Nov-2022 04:11 | krivacsz | |
png |
cognito_user_pool.png | 82.3 kB | 2 | 21-Nov-2022 04:07 | krivacsz | |
png |
cognito_user_pool_app_client_1... | 244.9 kB | 1 | 07-Sep-2022 03:29 | krivacsz | |
png |
cognito_user_pool_app_client_2... | 340.5 kB | 1 | 07-Sep-2022 03:29 | krivacsz | |
png |
dmz_template_user_internal_por... | 94.7 kB | 1 | 13-Sep-2023 06:21 | krivacsz | |
png |
g_sign_origin_redirect_url.png | 85.4 kB | 1 | 19-Nov-2022 08:24 | krivacsz | |
png |
gsign_in_button.png | 204.4 kB | 1 | 23-Aug-2021 16:11 | krivacsz | |
png |
http_port_oauth_item_settings.... | 43.5 kB | 1 | 13-Sep-2023 05:43 | krivacsz | |
png |
plugin_settings.png | 99.6 kB | 7 | 17-Feb-2023 10:22 | krivacsz | |
png |
port_item_settings.png | 76.4 kB | 2 | 11-Feb-2022 02:41 | krivacsz | |
png |
port_item_settings_b2c.png | 105.6 kB | 1 | 13-Jul-2022 06:29 | krivacsz | |
png |
port_item_settings_cognito.png | 14.1 kB | 2 | 07-Sep-2022 04:24 | krivacsz | |
png |
port_item_settings_ms.png | 75.3 kB | 1 | 11-Feb-2022 03:35 | krivacsz |