View Attach (11) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
 oidc_crushftp_related_settings... 137.0 kB 1 09-Jan-2025 07:29 krivacsz
png
 oidc_dmz_plugin_settings.png 141.0 kB 2 09-Jan-2025 23:13 krivacsz
png
 oidc_dropbox_settings.png 58.1 kB 1 19-May-2025 05:22 krivacsz
png
 oidc_gdrive_settings.png 71.2 kB 1 19-May-2025 05:25 krivacsz
png
 oidc_general_plugin_settings.p... 39.3 kB 1 09-Jan-2025 07:32 krivacsz
png
 oidc_gstorage_settings.png 67.4 kB 1 19-May-2025 05:51 krivacsz
png
 oidc_idp_related_plugin_settin... 176.0 kB 3 09-Jan-2025 23:17 krivacsz
png
 oidc_login_buttons.png 59.4 kB 1 09-Jan-2025 07:50 krivacsz
png
 oidc_onedrive_settings.png 71.6 kB 1 19-May-2025 04:24 krivacsz
png
 oidc_redirect_base_setting.png 37.0 kB 1 05-Feb-2025 03:55 krivacsz
png
 oidc_sharepoint2_settings.png 74.6 kB 1 19-May-2025 05:18 krivacsz

This page (revision-386) was last changed on 19-May-2025 10:27 by krivacsz

This page was created on 06-Jan-2025 23:39 by krivacsz

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 34 changed one line
This HTTP URL is part of the OpenID Connect (OIDC) Discovery mechanism. It follows a standard called __RFC 5785__ ([https://datatracker.ietf.org/doc/html/rfc5785]), which defines the use of __.well-known__ URIs for discovering metadata about services. It queries this HTTP endpoint to configure itself dynamically, avoiding hard-coded values. The retrieved JSON document includes important endpoints and details like:\\
This HTTPS URL is part of the OpenID Connect (OIDC) Discovery mechanism. It follows a standard called __RFC 5785__ ([https://datatracker.ietf.org/doc/html/rfc5785]), which defines the use of __.well-known__ URIs for discovering metadata about services. It queries this HTTP endpoint to configure itself dynamically, avoiding hard-coded values. The retrieved JSON document includes important endpoints and details like:\\
At line 69 changed one line
__Client ID__: Provide the Client ID (the unique identifier) of your IdP.\\
__Client ID__: Provide the Client ID (the unique identifier of your IdP's App registration) of your IdP.\\
At line 93 changed one line
__Get Refresh Token__: It is used to access the user's cloud storage through the IdP. It adjusts the __Authorization URL__ by appending the following parameters:\\
__Get Refresh Token__: It is used for access the user's cloud storage through the IdP. It adjusts the __Authorization URL__ by appending the following parameters:\\
At line 107 changed one line
__Microsoft__ does not require additional scopes for this purpose. Ensure that the __App Registration__ includes the __"Files.ReadWrite.All"__ permission, configured as either Delegated or Application. More info at [SharePoint Integration].\\
__Microsoft Azure App Registration__ does not require additional scopes for this purpose. Ensure the __App Registration__ includes the __"Files.ReadWrite.All"__ permission, configured as either Delegated or Application. More info at [SharePoint Integration].\\
At line 124 added 6 lines
__Special Case for Microsoft Azure AD:__ When using __Microsoft Azure AD__ as the Identity Provider (IdP), a specific user endpoint is required to retrieve group information for the authenticated user:\\
{{{
https://graph.microsoft.com/v1.0/me
}}}
In this scenario, the plugin makes __an additional API call to this endpoint__ to fetch the user's __group membership__ details. The App registration must include the __Group.Read.All__ permission to enable access to group information.\\
\\
At line 242 changed one line
The DMZ interface has a slightly different UI because IdP user validation is handled exclusively on the internal node. To function properly, the __DMZ must replicate the internal node's settings__ for the following parameters::\\
The DMZ's CrushOIDC plugin has a slightly different UI because IdP user validation is handled exclusively on the internal node. To function properly, the __DMZ must replicate the internal node's settings__ for the following parameters:\\
\\
Version Date Modified Size Author Changes ... Change note
386 19-May-2025 10:27 22.102 kB krivacsz to previous
385 19-May-2025 10:25 22.096 kB krivacsz to previous | to last
384 19-May-2025 10:24 22.105 kB krivacsz to previous | to last
383 19-May-2025 10:22 22.106 kB krivacsz to previous | to last
382 19-May-2025 10:17 22.094 kB krivacsz to previous | to last
381 19-May-2025 10:17 22.076 kB krivacsz to previous | to last
« This page (revision-386) was last changed on 19-May-2025 10:27 by krivacsz
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
Amazon Cognito Configuration
Apple Sign In Configuration
Azure Active Directory B2C Configuration
CrushOAuth
Dropbox Integration
Enterprise License Enhancements
GDriveSetup
Google Sign in Configuration
LeftMenu
Microsoft Sign in Configuration

JSPWiki