How would we support SSO using PKI Client Certificates?

Eric Little shared this question 4 years ago
Answered

Our primary application uses PKI Certification. So, how would we support SSO using PKI Client Certificates?

Comments (3)

photo
1

Eric,

Please describe us your needs and your server infrastructure in more detail with example. We don't have PKI support, but you can order a custom module development for Self-hosted version only.

photo
1

Alright, our application does not have a traditional login. Users are identified via their PKI certificates and they either do, or don't, have access. Our authentication service is similar to LDAP.


If I wanted to tackle a custom module myself, where would you point me to begin?

photo
1

Hello, thank you for providing details on pki certificates. We have reviewed it and it would definitely need to build custom module based on standard sso module where ldap would be taken as a basis.

So if you want to build it yourself, you need to have self-hosted license and sso module. Review the code that would be located in application/3.4.3/modules/sso and based on that add one more method of authentication that would appear in the system on the following page Administration - Login Plus - Single Sign-on.

But we can build module for you at the request that would cost ~$1200-$1500 (depends on complexity) and take 3-4 business days after providing more details.

Let us know if you have more questions.