View Attach (6) Info

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
png
 oidc_crushftp_related_settings... 137.0 kB 1 09-Jan-2025 07:29 krivacsz
png
 oidc_dmz_plugin_settings.png 141.0 kB 2 09-Jan-2025 23:13 krivacsz
png
 oidc_general_plugin_settings.p... 39.3 kB 1 09-Jan-2025 07:32 krivacsz
png
 oidc_idp_related_plugin_settin... 176.0 kB 3 09-Jan-2025 23:17 krivacsz
png
 oidc_login_buttons.png 59.4 kB 1 09-Jan-2025 07:50 krivacsz
png
 oidc_redirect_base_setting.png 37.0 kB 1 05-Feb-2025 03:55 krivacsz

This page (revision-333) was last changed on 02-May-2025 06:09 by krivacsz

This page was created on 06-Jan-2025 23:39 by krivacsz

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Difference between version and

At line 2 changed one line
The plugin supports __OpenID Connect SSO__ ( more info: [https://en.wikipedia.org/wiki/OpenID]), an authentication protocol built on top of the OAuth 2.0 ([https://en.wikipedia.org/wiki/OAuth]) authorization framework.\\
The plugin supports __OpenID Connect SSO__ (OpenID More info: [Link|https://en.wikipedia.org/wiki/OpenID]), an authentication protocol built on top of the OAuth 2.0 ([Link|https://en.wikipedia.org/wiki/OAuth]) authorization framework.\\
At line 47 changed one line
This HTTP(S) URL is part of the OpenID Connect (OIDC) Discovery mechanism. It follows a standard called __RFC 5785__ ([https://datatracker.ietf.org/doc/html/rfc5785]), which defines the use of __.well-known__ URIs for discovering metadata about services. It queries this HTTP(S) endpoint to configure itself dynamically, avoiding hard-coded values. The retrieved JSON document includes important endpoints and details like:\\
This HTTP(S) URL is part of the OpenID Connect (OIDC) Discovery mechanism. It follows a standard called __RFC 5785__ ([Link|https://datatracker.ietf.org/doc/html/rfc5785]), which defines the use of __.well-known__ URIs for discovering metadata about services. It queries this HTTP(S) endpoint to configure itself dynamically, avoiding hard-coded values. The retrieved JSON document includes important endpoints and details like:\\
At line 121 changed one line
__Microsoft Azure App Registration__ does not require additional scopes for this purpose. Ensure the __App Registration__ includes the __"Files.ReadWrite.All"__ permission, configured as either Delegated or Application. More info at [SharePoint Integration].\\
__Microsoft Azure App Registration__ does not require additional scopes for this purpose. Ensure the __App Registration__ includes the required __API Permissions__ configured as either __Delegated__ or __Application__. More info at [SharePoint Integration] or at [OneDriveSetup].\\
At line 123 changed one line
At "__Custom VFS__" settings you can reference the gained __refresh token__ as variable:
At __2.2.7 Custom VFS__ [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CrushOIDC#section-CrushOIDC-2.2.7CustomVFSRequiredUnderSpecificConditions] settings you can reference the gained __refresh token__ as variable:
At line 203 changed one line
__Authentication aspect__: Permit users based on specific IdP claims. \\
__Authentication aspect__: Permit users based on specific IDP claims. \\
At line 207 changed one line
__Template User Aspect__: You can configure different Template Users (see 2.2.5 User Templates) based on IdP claims. If a template user is specified, the signed-in user inherits both the settings and the VFS items (as Linked [VFS]).\\
__Template User Aspect__: You can configure different Template Users (See at __2.2.5 User Templates__ [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CrushOIDC#section-CrushOIDC-2.2.5UserTemplatesRequired]) based on IdP claims. If a template user is specified, the signed-in user inherits both the settings and the VFS items (as Linked [VFS]).\\
At line 246 changed 3 lines
__!!! Important:__ If the CrushOIDC user has no assigned VFS, __authentication will be rejected due to the absence of an assigned [VFS]__. CrushOAIDC user can inherit VFS configuration from:\\
• Template User (see at __2.2.5 User Templates__)\\
• Roles (Like at __2.2.6 Roles__)\\
__!!! Important:__ If the CrushOIDC user has no assigned VFS, __authentication will be rejected due to the absence of an assigned [VFS]__. CrushOIDC user can inherit VFS configuration from:\\
• Template User (See at __2.2.5 User Templates__ [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CrushOIDC#section-CrushOIDC-2.2.5UserTemplatesRequired])\\
• Roles (See at __2.2.6 Roles__ [Link|https://www.crushftp.com/crush11wiki/Wiki.jsp?page=CrushOIDC#section-CrushOIDC-2.2.6Roles])\\
At line 270 added 2 lines
__!!!__ Ensure the __Azure App Registration__ includes the required __API Permission__ (More info at [OneDriveSetup]).\\
At line 271 changed one line
__b.) DropBox__:\\
__c.) DropBox__:\\
Version Date Modified Size Author Changes ... Change note
333 02-May-2025 06:09 18.649 kB krivacsz to previous
332 02-May-2025 06:08 18.641 kB krivacsz to previous | to last
331 02-May-2025 06:00 18.641 kB krivacsz to previous | to last
330 02-May-2025 05:57 18.62 kB krivacsz to previous | to last
329 02-May-2025 05:56 18.611 kB krivacsz to previous | to last
328 02-May-2025 05:54 18.504 kB krivacsz to previous | to last
327 02-May-2025 05:32 18.368 kB krivacsz to previous | to last
326 02-May-2025 05:26 18.369 kB krivacsz to previous | to last
325 02-May-2025 05:25 18.371 kB krivacsz to previous | to last
324 02-May-2025 05:19 18.153 kB krivacsz to previous | to last
323 02-May-2025 05:19 18.148 kB krivacsz to previous | to last
322 02-May-2025 05:17 18.035 kB krivacsz to previous | to last
321 02-May-2025 04:54 18.019 kB krivacsz to previous | to last
« This page (revision-333) was last changed on 02-May-2025 06:09 by krivacsz
G’day (anonymous guest)
CrushFTP11 | What's New

Referenced by
Amazon Cognito Configuration
Apple Sign In Configuration
Azure Active Directory B2C Configuration
CrushOAuth
Enterprise License Enhancements
Google Sign in Configuration
LeftMenu

JSPWiki