Publik
Presentation
Publik is an open-source citizen relationship management tool.
See the official Publik website for a complete presentation.
It features an OpenID Connect login that works with LemonLDAP::NG.
Configuring Publik
Connect to the authentic2 web UI of your Publik instance as an admin user. In the admin panel, go to “Authentic2_Auth_Oidc” › “Oidc providers”.
Click on “Add Oidc Provider”.
- Name : LemonLDAP SSO
- Short id : lemonldap
- Provider : https://auth.example.com/
- Client id : clientid
- Client secret : secret
- Authorization endpoint : https://auth.example.com/oauth2/authorize
- Token endpoint : https://auth.example.com/oauth2/token
- Userinfo endpoint : https://auth.example.com/oauth2/userinfo
- End session endpoint : https://auth.example.com/oauth2/logout
- WebKey JSON : Copy/Paste the content of https://auth.example.com/oauth2/jwks
- Claims Enabled : yes
- Show on connection page : yes
Strategy and Collectivity can be configured according to your needs.
OIDC Claim mappings can be configured based on your needs.
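An added example (not part of the LemonLDAP::NG or Publik documentation): a Python check that compares the values entered in the Publik form with the provider's OIDC discovery metadata and flags a hand-pasted WebKey JSON that no longer matches the published key set. The sample documents, the key IDs and the mapping of "Provider" to the issuer are assumptions constructed for this example.

```python
import json

# Publik form fields (from the list above) -> standard OIDC discovery metadata names.
# Treating "Provider" as the issuer is an assumption of this example.
FIELDS = {
    "Provider": "issuer",
    "Authorization endpoint": "authorization_endpoint",
    "Token endpoint": "token_endpoint",
    "Userinfo endpoint": "userinfo_endpoint",
    "End session endpoint": "end_session_endpoint",
}

def kids(jwks_text):
    """Key IDs contained in a JWKS document given as JSON text."""
    return {key.get("kid") for key in json.loads(jwks_text).get("keys", [])}

def audit_provider(form, discovery, pasted_jwks, live_jwks):
    """Return findings; an empty list means the form matches the provider."""
    findings = []
    for field, meta in FIELDS.items():
        configured, published = form.get(field), discovery.get(meta)
        if not configured:
            findings.append(f"{field}: not set")
        elif not configured.startswith("https://"):
            findings.append(f"{field}: not HTTPS: {configured}")
        elif configured != published:
            findings.append(f"{field}: {configured} differs from published {published}")
    # The JWKS is pasted by hand, so it goes stale when the provider rotates keys.
    pasted, live = kids(pasted_jwks), kids(live_jwks)
    findings += [f"WebKey JSON: missing published key {k}" for k in sorted(live - pasted, key=str)]
    findings += [f"WebKey JSON: key {k} is no longer published" for k in sorted(pasted - live, key=str)]
    return findings

# Constructed sample data; nothing is fetched from a real server.
BASE = "https://auth.example.com"
DISCOVERY = {"issuer": BASE + "/", **{m: f"{BASE}/oauth2/{p}" for m, p in [
    ("authorization_endpoint", "authorize"), ("token_endpoint", "token"),
    ("userinfo_endpoint", "userinfo"), ("end_session_endpoint", "logout")]}}
GOOD_FORM = {field: DISCOVERY[meta] for field, meta in FIELDS.items()}
BAD_FORM = {**GOOD_FORM, "Token endpoint": "http://auth.example.com/oauth2/token"}
OLD_JWKS = json.dumps({"keys": [{"kty": "RSA", "kid": "key-2023"}]})
NEW_JWKS = json.dumps({"keys": [{"kty": "RSA", "kid": "key-2024"}]})

if __name__ == "__main__":
    for finding in audit_provider(BAD_FORM, DISCOVERY, OLD_JWKS, NEW_JWKS):
        print(finding)
```

Running the same comparison after each signing-key rotation on the provider shows when the WebKey JSON field needs to be pasted again.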
Configuring LemonLDAP
We now have to configure LemonLDAP::NG to recognize Publik as a valid OIDC relying party.
Add a new OpenID Connect relying party with the following parameters (Options -> Basic):
- Client ID: the same value you set in the Publik configuration.
- Client Secret: the same value you set in the Publik configuration.
- Allowed redirection addresses for login: The “Callback URL” for authentic2 : https://authentic2-instance/accounts/oidc/callback/
And in Options -> Logout:
- Allowed redirection addresses for logout: The “Logout URL” for authentic2 : https://authentic2-instance/logout/