diff --git a/OpenID-Connect----OAuth2.md b/OpenID-Connect----OAuth2.md index 0ac5d94..61ce9df 100644 --- a/OpenID-Connect----OAuth2.md +++ b/OpenID-Connect----OAuth2.md 
@@ -21,46 +21,8 @@ This page describes how to authenticate and (optionally) integrate other applica > Go to: Admin > Applications > OpenID / OAuth2 server > Clients ### Configuration of tested clients - -#### Rocket.Chat custom OAuth configuration - -Install Rocket.Chat eg. via [docker-compose](https://rocket.chat/docs/installation/docker-containers/docker-compose/). - -You need to create a Client-Identifier and -Secret via Admin >> OpenID / OAuth2 server >> Clients with the following grants: -* Authorization Code -* Refresh Token -* Implicit - -Then head in the Rocket.Chat Administration down to OAuth and click [Add custom oauth], give it a name eg. "EGroupware" and add the following values: -``` -Enable: True -URL: https://example.org/egroupware/openid/endpoint.php -Token Path: /access_token -Token Send Via: Payload -Identity Token Send Via: Header -Identity Path: /userinfo -Authorize Path: /authorize -Scope: openid email profile roles -Param Name for access token: access_token -Id: -Secret: -Login Style: Redirect -Button Text: EGroupware users click here -Username field: id -Name field: name -Avatar field: picture -Roles/Groups field name: roles -Merge roles from SSO: True (currently role got lost when rocketchat/status app login to RC api!) -Merge Users: True -``` -Then click on [Save changes] to activate login and user creation through EGroupware. - -(If Rocket.Chat runs in Docker on a Mac and EGroupware directly on the Mac, use "docker.for.mac.localhost" as hostname, as it is different from localhost!) - -If you only want users from EGroupware and no free registration with local passwords, go to Adminstration >> Accounts and set: -``` -Show Default Login Form: False -``` +* [[Rocket.Chat]] +* [[Moodle]] ### Troubleshooting * Enable request log under: Admin > Applications > OpenID / OAuth2 server > Request log
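Review bot: The two added lines `* [[Rocket.Chat]]` and `* [[Moodle]]` replace the entire removed Rocket.Chat section, but the target pages are not part of this diff, so please confirm that [[Rocket.Chat]] exists and carries everything dropped here. That means the required grants (Authorization Code, Refresh Token, Implicit), the full custom OAuth value list, the caveat on `Merge roles from SSO` about roles getting lost, the docker.for.mac.localhost hint, and the `Show Default Login Form: False` step, which is the only place that tells admins how to turn off free registration with local passwords. [[Moodle]] has no counterpart among the removed lines, so that page has to be created as well or the link is dead. When moving the text, fix the typo "Adminstration", and consider stating on the new page whether the Implicit grant is actually needed alongside Authorization Code, so admins do not enable more grants on the client than Rocket.Chat uses.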