Background on SSO and CHT
Single Sign On (SSO) is often used when an organization manages many users and wants to centralize which credentials are used when logging into its IT systems. Centralizing reduces the maintenance involved in on-boarding and off-boarding users, and makes it trivial to audit usage data across multiple systems. Further, automatic provisioning, forgotten-password recovery and two-factor authentication become trivial to deploy.
A common solution to SSO is OIDC (OpenID Connect, an identity layer built on Open Authorization v2.0 (OAuth2)). This is a technical specification for how the different parts of SSO should work, and it allows applications like the CHT Core to provide SSO knowing it can work with any OIDC-compliant system (e.g. Keycloak or Azure AD).
Medic recently considered implementing SSO. That original effort was to make the CHT an OAuth2 provider, whereas the current effort is to have the CHT authenticate via an OAuth2 provider over OIDC.
What is a community squad?
The CHT is a strong and growing community, all solving similar problems in their own way. This growing community presents a great opportunity to increase innovation and efficiency by forming squads of community members to collaborate on development of specific initiatives. Members could collaborate by helping design the solution, writing the code, testing, or by funding some of the development. These will be designed as short-term agile teams to get the feature developed and released as quickly as possible. All work is done in the open and under open source licenses, of course!
The collaboration request
We’d like to ask the larger community if anyone is interested in joining a squad in the coming week to work on SSO. Given the accelerated schedule, don’t wait to voice your interest! Medic teammates will be available for guidance, including inviting key stakeholders to a Slack channel and helping with any scheduling that might be needed. After a squad has been formed, we’re excited to see a technical design document published for the squad to review.