Is SSO compatible with selfhosted Loomio ?

Hello,
To be more precise, would it be possible to make Loomio compatible with any SSO with SAML or OpenID Connect ?
I am surprised that not all communities created around Loomio use SSO, which is a very useful tool to manage user data in a centralized and secure way. Maybe I'm missing something...
Thanks!

Hi, yes we've connected to a few kinds of SAML server now.

You need to set two keys: The first is just an "enable" flag, the second is the IDP metadata url.

SAML_APP_KEY=1
SAML_IDP_METADATA_URL=https://app.onelogin.com/saml/metadata/12345656789


We're looking at supporting any open id connect in the future.

Ohhhh amazing ! Thank you ! Maybe would be good to add this in the documentation of "loomio-deploy" :)

Hi ,

Sorry to re-open this discussion, but I'm still trying to configure SAML with keycloak and I am facing an issue. When clicking on "Continue with SAML" on Loomio, it redirect me on my keycloak instance but with an error "Unknown login requester"

I think this is a Keycloak specific error, but i'm working on it since a long time...

In Loomio, the two keys "SAMLAPP_KEY" and "SAML_IDP_METADATA_URL" are the only configuration needed ?

Thanks for you answer.

Dont' be sorry. Yes, those are the only keys needed. Are you connected to talk.theborderland? They successfully connected loomio and keycloak.

I don't know what is talk.theborderland but I will try to contact them ! Thx u ! <3

@Hugi Ásgeirsson Can you connect us with the person who successfully setup keycloak and Loomio?

Oh god you are my hero. Thank you very much Rob !

PS: talk.theborderland is AMAZING ! Exactly what I'm working on. Their login page is so beautiful :D

Yes, I’ll ping them.