[GH-ISSUE #156] [Feature] OIDC authentication #121

New issue

Closed

opened 2026-02-25 21:31:15 +03:00 by kerem · 4 comments

kerem commented 2026-02-25 21:31:15 +03:00

Owner

Copy link

Originally created by @francescocarzaniga on GitHub (Oct 10, 2020).
Original GitHub issue: https://github.com/ciur/papermerge/issues/156

Originally assigned to: @ciur on GitHub.

I saw there is a plan to implement LDAP authentication, and the current PR does a great job at abstracting the backend including immutable users. Using it and something like mozilla-django-oidc it should be relatively straightforward to implement OIDC as well. Group management should also work exactly the same as LDAP.

Originally created by @francescocarzaniga on GitHub (Oct 10, 2020). Original GitHub issue: https://github.com/ciur/papermerge/issues/156 Originally assigned to: @ciur on GitHub. I saw there is a plan to implement LDAP authentication, and the current PR does a great job at abstracting the backend including immutable users. Using it and something like [mozilla-django-oidc](https://github.com/mozilla/mozilla-django-oidc.git) it should be relatively straightforward to implement OIDC as well. Group management should also work exactly the same as LDAP.

kerem 2026-02-25 21:31:15 +03:00

• closed this issue
• added the
  enhancement
  feature request
  labels

kerem commented 2026-02-25 21:31:15 +03:00

Author

Owner

Copy link

@schiederme commented on GitHub (Oct 10, 2020):

Would it be possible to sponsor this?

<!-- gh-comment-id:706601762 --> @schiederme commented on GitHub (Oct 10, 2020): Would it be possible to sponsor this?

kerem commented 2026-02-25 21:31:15 +03:00

Author

Owner

Copy link

@ciur commented on GitHub (Oct 11, 2020):

In general, I would go as far as to say that almost any external authentication system can be added - but as extra plugin. So just to make it clear, that we speak here about - a plugin (a.k.a app) for Papermerge to support OIDC authentication. Plugins/apps can be easily removed/add so that main application stays light.

Would it be possible to sponsor this?

@schiederme, give me 2 weeks to evaluate the impact/complexity of solution and I will come back with an answer.

<!-- gh-comment-id:706679403 --> @ciur commented on GitHub (Oct 11, 2020): In general, I would go as far as to say that almost any external authentication system can be added - but as extra plugin. So just to make it clear, that we speak here about - a plugin (a.k.a app) for Papermerge to support OIDC authentication. Plugins/apps can be easily removed/add so that main application stays light. > Would it be possible to sponsor this? @schiederme, give me 2 weeks to evaluate the impact/complexity of solution and I will come back with an answer.

kerem commented 2026-02-25 21:31:15 +03:00

Author

Owner

Copy link

@francescocarzaniga commented on GitHub (Oct 11, 2020):

@ciur If I can make a suggestion, python-social-auth and its pipelines especially would be the best solution.

<!-- gh-comment-id:706687069 --> @francescocarzaniga commented on GitHub (Oct 11, 2020): @ciur If I can make a suggestion, [python-social-auth](https://python-social-auth.readthedocs.io/en/latest/) and its pipelines especially would be the best solution.

kerem commented 2026-02-25 21:31:15 +03:00

Author

Owner

Copy link

@ciur commented on GitHub (May 14, 2024):

Feature landed in 3.2: https://docs.papermerge.io/3.2/sso/oidc/overview/

<!-- gh-comment-id:2109938577 --> @ciur commented on GitHub (May 14, 2024): Feature landed in 3.2: https://docs.papermerge.io/3.2/sso/oidc/overview/

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

stable/2.0.x

add-warnings-to-2-0-branch

stable/2.1.x

stable/1.5.x

stable/1.4.x

stable/1.2.x

stable/1.3.x

stable/1.1.x

stable/1.0.x

3.5.3

3.5.1

3.5

3.4

3.5.2

3.3.1

3.1

3.0.3

3.0.2

3.2

3.0.1

3.0

2.0.x-with-banner

v2.1.9

v2.1.8

v2.1.7

v2.1.5

v2.1.4

v2.1.1

v2.1.0

v2.1.0b5

v2.1.0b3

v2.1.0b1

v2.0.1

v2.0.0

v2.0.0rc48

v2.0.0rc45

v2.0.0rc43

v2.0.0rc38

v2.0.0rc35

v1.5.5

v1.5.4

v1.5.3

tmp_micro_apps

v1.5.2

v1.5.1

v1.5.0

v1.5.0.rc1

v1.4.5

v1.4.4

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.4.0.rc3

v1.4.0.rc2

v1.4.0.rc1

v1.2.3

v1.3.0

1.3.0

v1.3.0-alpha

v1.2.2

v1.2.1

v1.2.0

v1.1.0

1.0.0

v1.0.0

Labels

Clear labels   

2.1

  

3.0

  

3.0.1

  

3.0.2

  

3.0.3

  

3.0.3

  

3.1

  

3.2

  

3.2

  

3.3

  

3.5

  

3.x

  

Fixed. Waiting for feedback.

  

Fixed. Waiting for feedback.

  

UX

  

Version 2.1 - alpha

  

XSS

  

announcement

  

beta

  

blocker

  

bug

  

cannot reproduce

  

confirmed

  

confirmed

  

critical

  

demo

  

dependencies

  

deployment

  

detchnical debt

  

discussion

  

docker

  

documentation

  

donations

  

duplicate

  

enhancement

  

feature request

  

frontend

  

fundraising

  

good first issue

  

good issue

  

help wanted

  

high

  

implemented

  

important

  

improvement

  

incomplete

  

invalid

  

investigation

  

kubernetes

  

low

  

low impact

  

medium

  

medium

  

medium impact

  

migration from 2.0

  

migration from 2.1

  

missing-language

  

missing-ocr-language

  

no-activity

  

note

  

ocr

  

outofscope

  

packaging

  

performance

  

popular request

  

pull-request

Mirrored from GitHub Pull Request

  

pypi

  

question

  

raspberry pi

  

roadmap

  

search

  

security

  

setup

  

status

  

task

  

technical debt

  

updates

  

user xp

  

version 1.4.0 - demo

  

will be implemented

  

will not be implemented

  

wontfix

No labels

2.1

3.0

3.0.1

3.0.2

3.0.3

3.0.3

3.1

3.2

3.2

3.3

3.5

3.x

Fixed. Waiting for feedback.

Fixed. Waiting for feedback.

UX

Version 2.1 - alpha

XSS

announcement

beta

blocker

bug

cannot reproduce

confirmed

confirmed

critical

demo

dependencies

deployment

detchnical debt

discussion

docker

documentation

donations

duplicate

enhancement

feature request

frontend

fundraising

good first issue

good issue

help wanted

high

implemented

important

improvement

incomplete

invalid

investigation

kubernetes

low

low impact

medium

medium

medium impact

migration from 2.0

migration from 2.1

missing-language

missing-ocr-language

no-activity

note

ocr

outofscope

packaging

performance

popular request

pull-request

pypi

question

raspberry pi

roadmap

search

security

setup

status

task

technical debt

updates

user xp

version 1.4.0 - demo

will be implemented

will not be implemented

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/papermerge#121

No description provided.