Login to ownCloud using cidaas

In this section, you will find steps to use cidaas as Identity Provider in ownCloud.

If you are in this section, we assume you are already using ownCloud, and would like to connect cidaas with your ownCloud instance!

Overall process would be

  • Login to ownCloud and install the OIDC Plugin
  • Create a new App in cidaas for ownCloud
  • Configure OIDC in ownCloud

How to configure cidaas as Identity Provider in ownCloud

By configuring cidaas as Identity Provider in ownCloud, you can login to ownCloud with cidaas.

We will guide you through the process — it is quite easy!

Login to ownCloud and install the OIDC Plugin

1. In the official description ownCloud provides following app for ownCloud 10.0.0. It can be installed to enable OpenID Connect on your ownCloud instance.

2. Click on Install to get the app for your ownCloud instance

Create a new App in cidaas for ownCloud

1. Create your cidaas App. To do so, navigate to your cidaas instance admin Dashboard and click on create App. If you do not have a instance yet, you can create one in few minutes here.

2. Add a name for your app e.g. owncloud and select Regular

3. Open App Settings and choose the scopes required to access ownCloud. In our case it is [openid, email, profile, identities, groups, roles, offline_access]

4. Add the redirect URls:

<YOUR_OWNCLOUD_BASEURL>/apps/openidconnect/redirect <YOUR_OWNCLOUD_BASEURL>/index.php/apps/openidconnect/redirect <YOUR_OWNCLOUD_BASEURL>/.well-known/openid-configuration <YOUR_OWNCLOUD_BASEURL>/apps/openidconnect/redirect

5. Add the Logout URL:


6. Save your App. It will automatically generate a clientID and clientSecret which you need in the config.php of ownCloud

Configure OIDC in ownCloud

1. Go to your owncloud server (if installed on premise) and navigate to the config file, that is located in /var/www/owncloud/config

2. In config.php you can configure OpenID Connect with cidaas by providing the scopes, the provider-url, which is the cidaas base url, the client-id and client-secret of your cidaas-owncloud App you just configured. You have also options to fine tune, e.g. to autoRedirectOnLoginPage to the cidaas login page.

'openid-connect' =>
  array (
    'provider-url' => '<YOUR_CIDAAS_BASE_URL>',
    'client-id' => '<YOUR_CLIENTID>',
    'client-secret' => '<YOUR_CLIENTSECRET>',
'loginButtonName' => 'cidaas',
    'autoRedirectOnLoginPage' => false,
    'mode' => 'userid',
    'search-attribute' => 'email',
    'scopes' =>
    array (
      0 => 'openid',
      1 => 'email',
      2 => 'profile',
      3 => 'identities',
      4 => 'groups',
      5 => 'roles',
      6 => 'offline_access',
      7 => 'phone',

You are done!

What you can do now:

Having this set up you can easily:

  • enable multifactor-authentication in app settings
  • allow passwordless authentication to login to owncloud
  • stay logged in
  • restrict access to this app by specifying the allowed groups and roles in app-settings

results matching ""

    No results matching ""