Authenticating to Web UI using Azure saml

kobbygl · March 29, 2023, 11:35am

Hi guys

Our privacyidea is connected to our Azure AD as the LDAP source. The web ui currently uses Azure username and password, but no mfa. We want to protect the web ui on public internet by using Azure SSO/saml. Is there a way to configure the apache server to authenticate against Azure (creds & Microsoft authenticator)?

Thank

Kobby

cornelinux · April 2, 2023, 8:05am

privacyIDEA webui itself currently does not act as a SAML service provider.

However, you could configure apache using mod_mellon to act as a SAML service provider.

But if your need only is to do 2FA at the privacyIDEA WebUI login, you can easily do this using the authentication policy loginmode=privacyIDEA.