cal.com
cal.com copied to clipboard
calcom
Automatic User provisioning (LDAP-Support)
It would be nice if the user list could be provisioned from a connected LDAP instance. This would allow Admins to have a calendar link generated automatically when a new user is added, and also have the link automatically become invalid if the user gets deactivated/removed from LDAP.
Ideally one would be able to configure a LDAP filter string for the application to get a list of valid users. The calendar link could simply be your.calendso.instance/the_username_from_ldap
This is a really cool idea. It's highly unlikely that I'll be making it anytime soon, but if anyone else wants to jump on this, feel free!
this will be a very interesting and cool feature to have, even other than that, generally supporting SAML and user authentication tools like Okta and lemonLdap https://lemonldap-ng.org/welcome/ would be a very welcome situation,
which I believe also corporate customers, that you're targeting would love to have @baileypumfleet
You can replace native login system to the auth0.com login system and use auth0 saml to make provising
hello @petrolins thank you for the update.
Kindly how would I be able to replace that. And would that work also with Lemonldap SAML
seems they are never going to implement a user dashboard ever. ok point noted and taken
@compgeniuses Why do you think, this will not be added? Maybe just someone from the community needs to add some pull request? Or is it documented? Maybe LDAP could also be a nice (paid) plugin?
Hello @saschafoerster i was informed that in the next release, and also as per the milestons there is going to be a user dashboard built into the solution.
The reason why i thought and felt this is because. for one, the initial release of the software did not feature an interface for user creation and management. and when they released SSO and LDAP functionality, this was only available in the Hosted version and not the Opensource, self hosted version.
there is not even a documented way of enabling this in the self hosted version, even as a paid plugin.module.
Overall, the direction the project seems to be taking is the Enterprisey corporate way, forgeting the SME and Startups way that the project initally targeted. I can understand if its due to the investment received, however, most people came to this project because its opensource, and seemed to want to focus on intergation with opensource tools, however, this seems not be the case, and it does not focus on opensource tools integration but only coporate tools.
that why.
@fkusei In your use case is SCIM not possible over LDAP? Just trying to understand if it's a legacy system that cannot use SCIM.
I am not really experienced with SCIM, SAML and SSO, until now we used LDAP for our self hosted tools to connect it to our user base. I am playing around with authentik https://goauthentik.io which could be a bridge between our LDAP server and the built in SAML of Cal.com. I found this documentation about SAML but I can't really follow what to do: https://developer.cal.com/self-hosting/sso-setup
When I go to https://URL/settings/security/sso on my self hosted instance, nothing loads, but I guess because I didn't configure SAML as I should.
LDAP-integration would make it a bit easier for me. Are there others who got LDAD/SAML/SSO/SCIM working on their self hosted instances and could help by documenting? Or maybe adding LDAP separately as a plugin to Cal.com self hosted?
I am not really experienced with SCIM, SAML and SSO, until now we used LDAP for our self hosted tools to connect it to our user base. I am playing around with authentik https://goauthentik.io which could be a bridge between our LDAP server and the built in SAML of Cal.com. I found this documentation about SAML but I can't really follow what to do: https://developer.cal.com/self-hosting/sso-setup
When I go to https://URL/settings/security/sso on my self hosted instance, nothing loads, but I guess because I didn't configure SAML as I should.
LDAP-integration would make it a bit easier for me. Are there others who got LDAD/SAML/SSO/SCIM working on their self hosted instances and could help by documenting? Or maybe adding LDAP separately as a plugin to Cal.com self hosted?
I'm in a very similar situation. Is there anybody that can provide some help?
An LDAP to SAML bridge like authentik seems like a good workaround for this, we are looking into this and will post back with some possibilities. @saschafoerster Happy to guide you through the SSO setup process, you will need to configure a SAML app for it to work.
@deepakprabhakara do we need to raise a PR for this or is this already possible? If PR, can we get help from boxy?
We are working on adding SCIM 2.0 support to Cal but no current plans to support LDAP directly (Microsoft themselves are moving customers from LDAP to Azure AD). If LDAP can be bridged to SCIM then it would work, I'll find out what options are available for this.
we will ship SCIM 2.0 since LDAP is being deprecated by microsoft and others
THE MADMAN DID IT @joeauyeung 🥳
SCIM is merged and will get on production today 🙏
yes, impossible without y'alls work!!! 🙏 incredibly thankful to be working with the boxy team