Single Sign On (SSO) capability

I would recommend adding Single Sign On for pro or enterprise use cases. OIDC is probably the way to go. Many orgs won’t even consider tools/platforms without SSO these days.
Ideally yall would be able to get this implemented in a self-service fashion (ex. customer provides oidc discovery url, client id, client secret) so you wouldn’t be burdened with with so many tickets to help customers get it set up :slight_smile:

Other bonus SSO features:
OIDC group claims mapping to roles within storj
OIDC JIT User Creation

1 Like

Hello @cois,
Welcome to the forum!

I shared your idea with the team. However, we have had this roadmap item a while ago, but it wasn’t considered to the implementation

Hi @Alexey,

Thank you for the warm welcome!

I believe the item which you linked is different from my suggestion. It looks like they want to use storj itself as an Identity Provider.

My suggestion is to add support for 3rd party Identity Providers such as Okta or Microsoft Entra ID via Open ID Connect. That way a user could log into the Storj management portal using their Okta account and create new buckets or access keys for example.

No, if you read a ticket and the linked pull request, you would find, that it’s suggested to implement an OIDC support, so any identity provider, which supports it.
We also have had this one idea: Etherum Wallet Authentication · Issue #21 · storj/roadmap · GitHub, but it’s not considered too.

1 Like