Pydio

Pydio requires a plugin to enable OpenID Connect authentication.

Download and installation

  • Download the plugin here.

  • Unpack the archive and move authfront.openid to the plugin directory of your Pydio server (typically: /usr/share/pydio plugins).

  • Ensure the plugin files have the correct permissions :

chown -R www-data:www-data authfront.openid/
  • Open your Pydio admin dashboard, find the plugin under Authentication and enable it

Configuration

  • Configure the plugin with the following values:

  • OpenID Issuer

https://mydomain.trustelem.com/app/3XXXXX
  • OpenID Jwks
{"keys":[{"kty":"RSA","use":"sig","kid":"58930","alg":"RS256","n":"03DSSaM_B0G70aclJFw-QK6HRl9hkFg2W5HKCGuAHm5wt2tP4FcQ8RMtLZ_WsdeFlUe9VdUGfACCSExq32k4XDR0PA5FJ9sE2pfGXIyyUP2drhqDI1Q754faHPjvkX5niiQkaNFby4HBjvsH6VWVU5PfHoHEeT20qemANWNlrfw8-jkMlN1aioWAuWI9L-OtGqUHEbZy_zj3GrZrAN7G73rClAtcgsIfeqkg3y5g2p4qRynS_MMmpuYiGz89Hcrr3lS52tKjHATskkII-eA-_78SB413KVKxRYSK9DjlA-Wm5Ott4AN99d6sVUIj0jp-fWSIueE4zy4OKrrQR91IYQ","e":"AQAB"}]}
  • OpenID Configuration
{"issuer":"https://wallix-jflacher.trustelem.com/app/384294","authorization_endpoint":"https://wallix-jflacher.trustelem.com/app/384294/auth","token_endpoint":"https://wallix-jflacher.trustelem.com/app/384294/token","userinfo_endpoint":"https://wallix-jflacher.trustelem.com/app/384294/userinfo","jwks_uri":"https://wallix-jflacher.trustelem.com/app/384294/jwks","end_session_endpoint":"https://wallix-jflacher.trustelem.com/app/384294/end_session","scopes_supported":["email","family_name","given_name","groups","name","openid","organization","phone","profile","uid"],"response_types_supported":["code","code id_token","id_token","id_token token"],"grant_types_supported":["authorization_code","implicit"],"subject_types_supported":["public"],"display_values_supported":["page"],"claims_supported":["sub","iss","auth_time","acr","name","given_name","family_name","profile","email","locale","phone_number"],"ui_locales_supported":["fr-FR","en-GB"],"id_token_signing_alg_values_supported":["RS256"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post"]}
  • OpenID ClientID
pydio_client_id