• Aktuell
    • Tags
    • Beliebt
    • Benutzer
    • Gruppen
    • Suche
    • Registrieren
    • Anmelden

    Support for Federated IDP

    Feature wishes
    4
    4
    159
    Lade mehr Beiträge
    • Älteste zuerst
    • Neuste zuerst
    • Meiste Stimmen
    Antworten
    • In einem neuen Thema antworten
    Anmelden zum Antworten
    Dieses Thema wurde gelöscht. Nur Nutzer mit entsprechenden Rechten können es sehen.
    • jason-johnsonJ
      jason-johnson
      zuletzt editiert von

      Hello all

      Is there any plan to support federated IDP systems? At my church, as it is non-profit, we receive the Microsoft grant for free email, Office 365 licenses and Azure credits. We would very much like to use ChurchTools for integration with things like Songbeamer, easier managing of teams across various church services and so on. But having to duplicate users, groups and so on in two systems is a non-starter. We also have no interest in having ChurchTools be the IDP because all our integrations come from Entra ID and will continue to do so (it was hard enough to get workers in the church to accept our MS accounts and Teams for communications).

      I saw there is apparently some kind of LDAP integration but this is also problematic as Entra ID does not support LDAP. To make the connection requires settings up a special VLAN and a legacy Azure AD forest (this is strongly discouraged from MS as it's not very secure) which is configured to replicate from Entra ID. And all this just on the Microsoft side. I'm still not sure what I would need on the CT side to complete the configuration. In any case this is also not going to be a workable solution.

      Our paster had a lot of experience using Churchtools from his previous church and has interest in this tool but without some way to use Entra ID as the IDP the IT team cannot support its usage.

      MichaelGM narnitzN 2 Antworten Letzte Antwort Antworten Zitieren 0
      • MichaelGM
        MichaelG @jason-johnson
        zuletzt editiert von

        @jason-johnson Hi Jason, I am working on a User and Group sync from ChurchTools to Teams/Entra. If you are interested in that, let me know via PN and I can give you details about the requirements and costs.
        About the IDP topic, some else might come back to you.

        Installation bei CT -> immer neueste Version

        1 Antwort Letzte Antwort Antworten Zitieren 0
        • narnitzN
          narnitz ChurchToolsMitarbeiter @jason-johnson
          zuletzt editiert von

          @jason-johnson
          It would probably be best if you write the support team.
          They can help you and see if that would be something which is technically possible.

          https://contact.church.tools/contact

          App-Entwickler bei ChurchTools

          mhuberM 1 Antwort Letzte Antwort Antworten Zitieren 0
          • mhuberM
            mhuber ChurchToolsMitarbeiter @narnitz
            zuletzt editiert von mhuber

            @jason-johnson Using Microsoft Entra as IDP is definitively possible. ChurchTools supports Single-Sign-On via SAML, which Microsoft supports as well.

            To make it work, you would need two things:
            1.) a SAML SSO Client App configuration for ChurchTools in Microsoft Admin Center
            2.) a SAML config in ChurchTools.

            For 1.) you can do the configuration yourself (we can give you directions), for 2.) we would have to do the config for you. At the moment you cannot configure this yourself within ChurchTools.

            So, if interested, please contact our support and ask for Matthias.

            1 Antwort Letzte Antwort Antworten Zitieren 1
            • Erster Beitrag
              Letzter Beitrag