It's all about the answers!

Ask a question

ELM 702 authentication with OIDC 2.0 Provider & LDAP ISDS


Chid . (2052961) | asked Jan 16, 11:23 a.m.
In my previous installation of CLM 6061, thick clients like Eclipse authenticates with LDAP Password (ie IBM Security Directory Server); web client authenticates with the corporate OIDC 2.0 Provider.

In ELM 702, thick client can authenticate with App Password; App password can be set up with a browser client. Do we still need ISDS for 702.

Please provide some instructions on how to configure ELM 702 with Jazz Authorization Server, IBM Security Directory Server & OIDC 702 provider like Google.

Please share the compatibility between ELM 702 & IBM Security Directory Server.

One answer



permanent link
Shubjit Naik (1.5k1613) | answered Feb 01, 9:08 a.m.

Hi,


Yes, you still need an LDAP server.

An Ldap server connection to JAS and JTS is always needed for User to Group Role mappings (JazzAdmins, JazzUsers etc). The LDAP server should ideally be the same as the Corporate OIDC provider, but we have customers who created a clone of the LDAP server to configure with JAS and JTS. ( ISDS in your configuration)

To configure with Google OIDC provider you can use the instructions below.:
https://www.ibm.com/docs/en/was-liberty/core?topic=liberty-configuring-social-login-in#twlp_sec_sociallogin__xgoogle

You would then need those users created in your LDAP server and map to the groups.


Comments
Chid . commented Apr 05, 10:06 a.m. | edited Apr 05, 10:10 a.m.

@shubjit,

One of my client wants OIDC authentication for ELM 702. They are using Microsoft Identify Provider.
Please let me know if there would be compatibility issues.
Do we still need to install Jazz Authorization Server.


Shubjit Naik commented Apr 05, 11:15 a.m.

 Hi


Yes. To configure ELM with a Third Party OIDC Provider or a SAML provider, Jazz Authorization Server is mandatory requirement.

Your answer


Register or to post your answer.