Move to custom SAML auth #44

Edward-Upton · 2022-09-01T22:12:16Z

We are currently using AWS Cognito for SAML auth with the uni. This has worked as expected once we went through the pain of setting it up.

However, there remain some limitations with it:

We can't fully customize the login page (unless we use AWS's custom library for auth)
There may be a limitation with the current setup for auto-login when connecting to the platform.
We are limited in redirecting to only 1 URL after successful login/logout.

These can all be resolved by moving to a custom service for handling authorization and authentication.

Initial thoughts are to host this as a separate server at auth.warwick.ai since once up and running it shouldn't need to be touched very often.

For SAML, I've looked into samilfy which is a JS plugin for handling SAML auth.

This service can also be used for authorization of Discord accounts and linking them to WAI accounts when we eventually implement that.

The text was updated successfully, but these errors were encountered:

Edward-Upton added enhancement New feature or request high-priority labels Sep 1, 2022

Edward-Upton added this to To do in Fully Customizable Platform via automation Sep 1, 2022

Edward-Upton moved this from To do to In progress in Fully Customizable Platform Sep 13, 2022

Provide feedback