View Attach (5) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
 oidc_crushftp_related_settings... 137.0 kB 1 09-Jan-2025 07:29 krivacsz
png
 oidc_dmz_plugin_settings.png 141.0 kB 2 09-Jan-2025 23:13 krivacsz
png
 oidc_general_plugin_settings.p... 39.3 kB 1 09-Jan-2025 07:32 krivacsz
png
 oidc_idp_related_plugin_settin... 176.0 kB 3 09-Jan-2025 23:17 krivacsz
png
 oidc_login_buttons.png 59.4 kB 1 09-Jan-2025 07:50 krivacsz

This page (revision-295) was last changed on 10-Jan-2025 02:22 by krivacsz

This page was created on 06-Jan-2025 23:39 by krivacsz

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 34 changed one line
This HTTP URL is part of the OpenID Connect (OIDC) Discovery mechanism. It follows a standard called __RFC 5785__ ([https://datatracker.ietf.org/doc/html/rfc5785]), which defines the use of __.well-known__ URIs for discovering metadata about services. It queries this HTTP endpoint to configure itself dynamically, avoiding hard-coded values. The retrieved JSON document includes important endpoints and details like:\\
This HTTPS URL is part of the OpenID Connect (OIDC) Discovery mechanism. It follows a standard called __RFC 5785__ ([https://datatracker.ietf.org/doc/html/rfc5785]), which defines the use of __.well-known__ URIs for discovering metadata about services. It queries this HTTP endpoint to configure itself dynamically, avoiding hard-coded values. The retrieved JSON document includes important endpoints and details like:\\
At line 69 changed one line
__Client ID__: Provide the Client ID (the unique identifier) of your IdP.\\
__Client ID__: Provide the Client ID (the unique identifier of your IdP's App registration) of your IdP.\\
At line 93 changed one line
__Get Refresh Token__: It is used to access the user's cloud storage through the IdP. It adjusts the __Authorization URL__ by appending the following parameters:\\
__Get Refresh Token__: It is used for access the user's cloud storage through the IdP. It adjusts the __Authorization URL__ by appending the following parameters:\\
At line 107 changed one line
__Microsoft__ does not require additional scopes for this purpose. Ensure that the __App Registration__ includes the __"Files.ReadWrite.All"__ permission, configured as either Delegated or Application. More info at [SharePoint Integration].\\
__Microsoft Azure App Registration__ does not require additional scopes for this purpose. Ensure the __App Registration__ includes the __"Files.ReadWrite.All"__ permission, configured as either Delegated or Application. More info at [SharePoint Integration].\\
At line 124 added 6 lines
__Special Case for Microsoft Azure AD:__ When using __Microsoft Azure AD__ as the Identity Provider (IdP), a specific user endpoint is required to retrieve group information for the authenticated user:\\
{{{
https://graph.microsoft.com/v1.0/me
}}}
In this scenario, the plugin makes __an additional API call to this endpoint__ to fetch the user's __group membership__ details. The App registration must include the __Group.Read.All__ permission to enable access to group information.\\
\\
At line 242 changed one line
The DMZ interface has a slightly different UI because IdP user validation is handled exclusively on the internal node. To function properly, the __DMZ must replicate the internal node's settings__ for the following parameters::\\
The DMZ's CrushOIDC plugin has a slightly different UI because IdP user validation is handled exclusively on the internal node. To function properly, the __DMZ must replicate the internal node's settings__ for the following parameters:\\
\\
Version Date Modified Size Author Changes ... Change note
295 10-Jan-2025 02:22 16.941 kB krivacsz to previous
294 10-Jan-2025 02:12 16.94 kB krivacsz to previous | to last
293 10-Jan-2025 02:04 16.917 kB krivacsz to previous | to last
292 10-Jan-2025 02:01 16.886 kB krivacsz to previous | to last
291 09-Jan-2025 23:55 16.877 kB krivacsz to previous | to last
290 09-Jan-2025 23:50 16.717 kB krivacsz to previous | to last
289 09-Jan-2025 23:45 16.543 kB krivacsz to previous | to last
288 09-Jan-2025 23:39 16.386 kB krivacsz to previous | to last
287 09-Jan-2025 23:38 16.383 kB krivacsz to previous | to last
286 09-Jan-2025 23:35 16.361 kB krivacsz to previous | to last
285 09-Jan-2025 23:27 16.349 kB krivacsz to previous | to last
284 09-Jan-2025 23:26 16.349 kB krivacsz to previous | to last
283 09-Jan-2025 23:24 16.346 kB krivacsz to previous | to last
282 09-Jan-2025 23:23 16.348 kB krivacsz to previous | to last
281 09-Jan-2025 23:22 16.342 kB krivacsz to previous | to last
« This page (revision-295) was last changed on 10-Jan-2025 02:22 by krivacsz
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
CrushOAuth
LeftMenu

JSPWiki