oca/oca-server-auth
2
0
Fork 0
mirror of https://github.com/bringout/oca-server-auth.git synced 2026-04-18 10:32:04 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
oca-server-auth/odoo-bringout-oca-server-auth-auth_saml/auth_saml/readme/CONFIGURE.rst
Ernad Husremovic 3ed80311c4 Initial commit: OCA Server Auth packages (29 packages)
2025-08-29 15:43:06 +02:00

21 lines
1.2 KiB
ReStructuredText
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

To use this module, you need an IDP server, properly set up.
#. Configure the module according to your IdPs instructions
(Settings > Users & Companies > SAML Providers).
#. Pre-create your users and set the SAML information against the user.
By default, the module let users have both a password and SAML ids.
To increase security, disable passwords by using the option in Settings.
Note that the admin account can still have a password, even if the option is activated.
Setting the option immediately remove all password from users with a configured SAML ids.
If all the users have a SAML id in a single provider, you can set automatic redirection
in the provider settings. The autoredirection will only be done on the active provider
with the highest priority. It is still possible to access the login without redirection
by using the query parameter ``disable_autoredirect``, as in
``https://example.com/web/login?disable_autoredirect=`` The login is also displayed if
there is an error with SAML login, in order to display any error message.
If you are using Office365 as identity provider, set up the federation metadata document
rather than the document itself. This will allow the module to refresh the document when
needed.
Reference in a new issue View git blame Copy permalink