Authentication
This feature is developed by yu-i-i/overleaf-cep. There are 3 authentication methods supported. After configuration, you can login with the following options, as image below shows.
We highly recommend you use OIDC, since this is the most general method.
Global Configuration
The environment variable EXTERNAL_AUTH is required to enable the specific authentication module. This environment variable specifies which external authentication methods are activated. Available options are (in lower case):
saml
ldap
oidc
Suggestions for SSO
I tested saml, ldap, oauth for overleaf. Both saml, oauth works well in overleaf, but ldap, it depends. It can't works well for https://docs.goauthentik.io/, but it works well in openLDAP (https://github.com/rroemhild/docker-test-openldap).
We need to update passport-ldapauth, recently I am trying to test overleaf ldap with https://goauthentik.io/ , it failed. After I update "passport-ldapauth" to 3.0.0, everything works well.
The origianlly one is 2.x.x, which is 6 years ago.
I am not sure what's the reason, because we all depends on an external package to do LDAP (also saml, oauth) auth. If not worked, the situtation can be the same for overleaf server pro, becase we just passed all environment var to internal package, if there are some bugs, we have no idea currently.
So I highly recommend our user to setup development enviornment to test SSO with all source code, which is available at Setup Develop Environment (Local). In development environment, you can see all logs in terminal, which makes it convenient for debug usage.
Last updated