ThreatMapper
ThreatMapper copied to clipboard
deepfence
Support for Single Sign On (SSO)
Is your feature request related to a problem? Please describe. Currently, we are deploying a lot of tools related to devsecops and all of those tools support either SAML or OIDC for SSO. We would like to add ThreatMapper to the stack and prefer to use existing login credential for the team.
Describe the solution you'd like Implement OpenID Connect relaying party functionality in ThreatMapper
Components/Services
- [x] UI/Frontend
- [x] API/Backend
- [] Agent
- [x] Deployment/YAMLs
- [ ] CI/CD Integration
- [ ] Other (specify)
Thanks for the fast response.
Makes sense, would Dex work in your scheme of things?
Isn't Dex act as an IdP? not as a relaying party. I'm thinking that ThreatMapper would only need to use the client library. Something like flask-oidc
Thanks for the fast response.
Makes sense, would Dex work in your scheme of things?
Isn't Dex act as an IdP? not as a relaying party. I'm thinking that ThreatMapper would only need to use the client library. Something like flask-oidc
Dex is not exactly an IdP. It acts as an intermediary between them and the application. Dex defer authentication to LDAP servers, SAML providers, or established identity providers like GitHub, Google, and Active Directory. So it will help us in adding all those IdP's in one shot.
i see, i think as long as it can integrate to generic OIDC provider as a relying party then it should work in our deployment.
Anything on OIDC with Keycloak?
Single Sign-on is only available in ThreatStryker (enterprise) using OIDC but currently doesnot support keycloak.
