Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1ngj1y-0004k1-Ge for pgadmin-hackers@arkaria.postgresql.org; Tue, 19 Apr 2022 08:16:15 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1ngj1x-0002oa-CI for pgadmin-hackers@arkaria.postgresql.org; Tue, 19 Apr 2022 08:16:13 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1ngj1w-0002oR-Pc for pgadmin-hackers@lists.postgresql.org; Tue, 19 Apr 2022 08:16:13 +0000 Received: from mail-ej1-x632.google.com ([2a00:1450:4864:20::632]) by magus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1ngj1t-0003oO-G4 for pgadmin-hackers@postgresql.org; Tue, 19 Apr 2022 08:16:12 +0000 Received: by mail-ej1-x632.google.com with SMTP id r13so31285956ejd.5 for ; Tue, 19 Apr 2022 01:16:08 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=pgadmin.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Jh9aSCGUyUBoqReQ5nRz03qdyX2tVn4aol9jZGtcIg0=; b=MWQNDJEf1yQoXpYVRf6lfQJ5/MXhiBWVzExSUMlksHLsGaHRg/XEZB4Otg5yrd+1JD kd46hEuA2tDuTMhHUqi60SGbWexGCX9tXRhlcxw+fegcE36NIuygynjOtNm+hHvY85+S CYcPtXxHHF+jQkqI164XnERHfgpHhj5FREvGnqoTOuX1PVbdQn7HuNR1l8WQzIJ+pTA8 CRl99LhTUrJ5zzPRRalN41+AIXkCeHOohldLZ1QPPvNy2T34kDI+rZHvcgqzmx8h0QMo ssWpAPOYcYC5D1Sw6KxYYeWa8BS93MwhQqvafHEUS5jYbgq2AmG2OlBnQlpIEUaIiQoU L1Mw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Jh9aSCGUyUBoqReQ5nRz03qdyX2tVn4aol9jZGtcIg0=; b=xAuJfvE9pPk/UhQdZO1DZh3nIbX7/RLlMtywvkfymo3ji+xYQOOw9uwyn6eNH3/zz1 DmQ+gHa+2u9jfy614OgU/dLdIXg9NW0sLVDU0gaUBruTBmxnET/V2SQrlzvtusyt8PCD MJezsABRRkCE6oQ2Y3XRH+rEzkEgUpvGE82fZS9rB/n9XcO9kkhGyLc+ZRPkzA5AahBb YiXnIwaP5i9gE2CecQJMAalO72YIql7szk3dT67Irop4un5FRbNFn3ne6QTp8cuP5TCj 8mGtlVt+TIEnB2ipJKlVkCWaPZu/vHFiVqcjL1igx0gpnOoCmFTSdT8kCNxH49O0/quq mXoA== X-Gm-Message-State: AOAM530P1Pjl5vheiOoTXRZ85wgQ4iHlQIBaJvWgkezuKvziU5iWFV9B 1JkbPImun502V8a7LXjPtfvhJEVdovCZ83cSvnDv9Q== X-Google-Smtp-Source: ABdhPJzMs41xpO+dREdiChpsWvhzFaYzsaNf3HGlGwDbyOd4TVXoB3FdmrkYZFjCf0guc0bGab2shBnsT1gd3qv3YyU= X-Received: by 2002:a17:906:f20a:b0:6ef:b9a3:3ca9 with SMTP id gt10-20020a170906f20a00b006efb9a33ca9mr5994608ejb.693.1650356168192; Tue, 19 Apr 2022 01:16:08 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Dave Page Date: Tue, 19 Apr 2022 09:15:57 +0100 Message-ID: Subject: Re: Azure AD authentication using app registration To: Asmita Thapliyal Cc: pgadmin-hackers@postgresql.org Content-Type: multipart/alternative; boundary="000000000000288ca505dcfd7d2e" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --000000000000288ca505dcfd7d2e Content-Type: text/plain; charset="UTF-8" Hi On Mon, 18 Apr 2022 at 10:21, Asmita Thapliyal wrote: > Thank you Dave for your reply! > Can it use OAUTH2 authentication available with Azure AD? I see only > options available in OAUTH2 are for google & github. > Those are just examples. It should work with any OAuth2 provider. > If it can be enabled could you give me some pointers on how to start > incorporating this change? > Sorry, I have no idea how to do that in Azure. > > Thanks, > Asmita > > On Thu, Apr 14, 2022 at 2:13 PM Dave Page wrote: > >> Hi >> >> On Thu, 14 Apr 2022 at 09:35, Asmita Thapliyal < >> asmita.thapliyal@gmail.com> wrote: >> >>> Hello! >>> >>> I don't see Azure AD authentication using app registration is >>> available for pgadmin4. I see other authentication mechanisms via LDAP, >>> OAUTH2 and kerberos. >>> Could you let me know if there is a possibility of enabling it? >>> >> >> We don't support Azure AD auth, and currently have no plans to add it. >> You're welcome to add a feature request at >> https://redmine.postgresql.org/projects/pgadmin4/issues, but it's >> unlikely any of the regular developers will work on it in the near future. >> >> However, you can (in theory - I've never tested it) use Azure Active >> Directory Domain Services to allow applications to authenticate using >> Kerberos. See >> https://techcommunity.microsoft.com/t5/itops-talk-blog/deep-dive-how-azure-ad-kerberos-works/ba-p/3070889 >> >> >> -- >> Dave Page >> Blog: https://pgsnake.blogspot.com >> Twitter: @pgsnake >> >> EDB: https://www.enterprisedb.com >> >> -- Dave Page Blog: https://pgsnake.blogspot.com Twitter: @pgsnake EDB: https://www.enterprisedb.com --000000000000288ca505dcfd7d2e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hi

On Mon, 18 Apr 2022 at 10:21, Asmita Thapliyal <= asmita.thapliyal@gmail.com> wrote:

If it can be enabled could you give me some poi= nters on how to start incorporating this change?



On Thu, Apr 14, 2022 at 2:13 PM Dave Page <dpage@pgadmin.org> w= rote:
Hi

On Thu, 14 Apr 2022= at 09:35, Asmita Thapliyal <asmita.thapliyal@gmail.com> wrote:
Hello!

I don't=C2=A0s= ee Azure AD=C2=A0authentication using app registration is available=C2=A0fo= r pgadmin4. I see other authentication mechanisms via LDAP, OAUTH2 and kerb= eros.
Could you let me know if there is a possibility of enabling= it?

We don't support Azure= AD auth, and currently have no plans to add it. You're welcome to add = a feature request at=C2=A0https://redmine.postgresql.org/project= s/pgadmin4/issues, but it's unlikely any of the regular developers = will work on it in the near future.

However, you c= an (in theory - I've never tested it) use Azure Active Directory Domain= Services to allow applications to authenticate using Kerberos. See https://techcommunity= .microsoft.com/t5/itops-talk-blog/deep-dive-how-azure-ad-kerberos-works/ba-= p/3070889=C2=A0

--


--
<= /div> --000000000000288ca505dcfd7d2e--