This plugin is used to authenticate in redmine through Azure. It was more than inspired by redmine_omniauth_google see https://github.com/twinslash/redmine_omniauth_google and redmine_omniauth_github see https://github.com/ares/redmine_omniauth_github
Choose folder /plugins, make command
git clone https://github.com/Gucin/redmine_omniauth_azure.git
Update gems and restart rails server.
To make possible to authenticate via Azure you must first to register application in Azure
- Go to the registration link.
- Goto Application tab, click "Add"
- Choose "Add an application my organization is developing"
- Choose "Web Application/OR Web API", fill in the "Name"
- Fill in the "Sign-on URL" and "App ID URL" with your website corresponding address. Please ensure APP ID URL is unique
- Goto Configure tab, find the "CLIENT_ID"
- Generate a new key and remember the key value as "CLIENT_SECRET"
- Fill your callback url to "REPLY URI"
- Save your changes, and click "View Points" to get tenant id
- The tenant id is a unique id for each application
https://graph.windows.net/ff5ffbee-d997-4f49-a926-5f3c41bc45a3 tenant id is ff5ffbee-d997-4f49-a926-5f3c41bc45a3
The registrations is complete.
To make plugin to work properly
- Login as administrator. In top menu select "Administration". Choose menu item Plugins. In plugins list choose "Redmine Omniauth Azure plugin". Press "Configure".
- Fill Сlient ID & Client Secret & Tenant ID by corresponding values, obtained by Azure.
- Put the check "Oauth authentification", to make it possible to login through Azure. Click Apply. Users can now to use apportunity to login via Azure.
Additionaly
- Setup value Autologin in Settings on tab Authentification
By default, all domains are allowed to authenticate through Azure. To limit login through Azure for other domains you have to fill allowed domains in the text box field the "Allowed domains". Domains must be separated by newlines. For example:
onedomain.com
otherdomain.com
User goes to the login page (sign in) and clicks the button with Azure image. The plugin redirects him to Azure where user enters his the еmail & password from Azure. Azure redirects user back to plugins controller. Then the following cases:
- If auto registration is enabled, user is redirected to 'my/page'
- In other case user account is created and waited for admin activation