Publik¶
Presentation¶
Publik is an open-source citizen relationship management tool.
See the official Publik website for a complete presentation.
It feature an OpenID Connect login that work with LemonLDAP::NG.
Configuring Publik¶
Connect to your publik instance authentic2 webui with an Admin user, in the admin panel, go to “Authentic2_Auth_Oidc” › “Oidc providers”.
Click on “Add Oidc Provider”.
Name : LemonLDAP SSO
Short id : lemonldap
Provider : https://auth.example.com/
Client id : clientid
Client secret : secret
Authorization endpoint : https://auth.example.com/oauth2/authorize
Token endpoint : https://auth.example.com/oauth2/token
Userinfo endpoint : https://auth.example.com/oauth2/userinfo
End session endpont : https://auth.example.com/oauth2/logout
WebKey JSON : Copy/Paste the content of https://auth.example.com/oauth2/jwks
Claims Enabled : yes
Show on connection page : yes
Strategy and Collectivity can be configured based to your needs.
OIDC Claim mappings can be configured based on your needs.
Configuring LemonLDAP¶
We now have to configure LemonLDAP::NG to recognize publik as a valid OIDC relying party.
Add a new OpenID Connect relying party with the following parameters (Options -> Basic) :
Client ID: the same you set in Publik configuration.
Client Secret: the same you set in Publik configuration.
Allowed redirection addresses for login: The “Callback URL” for authentic2 : https://authentic2-instance/accounts/oidc/callback/
And in Options -> Logout
Allowed redirection addresses for logout: The “Logout URL” for authentic2 : https://authentic2-instance/logout/