Add native support for OIDC
- Support for OpenID has been dropped (see #35755)
- The only OIDC plugin only supports version 3.4.x of redmine
There is currently no way to implement SSO in current and future versions of redmine, other than creating a custom plugin, which certainly requires in-depth knowledge of ruby on rails, putting it out of reach of many.
I'm sure it would be useful to many of us redmine administrators to have redmine natively support OIDC.
Updated by Quentin Aymard 2 months ago
- the aformentioned plugin has been updated and forked but seems incredibly buggy and undocumented.
- a new plugin is somewhat implementing provider-specific Oauth/OIDC login : https://github.com/kontron/redmine_oauth.
This lack of "modern" (OIDC is almost 10 years old already) auth protocols is really holding Redmine back : 2FA support is recent and very partial, password-strenght controls are unreliable, passkeys are nowhere to be seen in the upcoming v5/v6 features, etc.
Having native, standard OIDC support in Redmine like never before an absolute must-have. Any modern web app should avoid internal/ldap authentication, and rather use native OIDC support, paired with a dedicated identity provider (eg. Keycloak) which then can provide identity federation features from LDAP, AD, internal database, or other Oauth identity providers, but also security feature like MFA, passkeys, passwork rotation and strenght enforcement, etc.