Received: from malur.postgresql.org ([217.196.149.56]) by arkaria.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1ngVDn-0000QO-Na for pgadmin-hackers@arkaria.postgresql.org; Mon, 18 Apr 2022 17:31:31 +0000 Received: from localhost ([127.0.0.1] helo=malur.postgresql.org) by malur.postgresql.org with esmtp (Exim 4.92) (envelope-from ) id 1ngVDm-0000q6-JV for pgadmin-hackers@arkaria.postgresql.org; Mon, 18 Apr 2022 17:31:30 +0000 Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29]) by malur.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1ngNa4-00015k-C1 for pgadmin-hackers@lists.postgresql.org; Mon, 18 Apr 2022 09:22:00 +0000 Received: from mail-pg1-x52e.google.com ([2607:f8b0:4864:20::52e]) by magus.postgresql.org with esmtps (TLS1.3:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.92) (envelope-from ) id 1ngNa2-00014y-Uu for pgadmin-hackers@postgresql.org; Mon, 18 Apr 2022 09:22:00 +0000 Received: by mail-pg1-x52e.google.com with SMTP id q12so17834697pgj.13 for ; Mon, 18 Apr 2022 02:21:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=7O4Lwvud641UGf1xZKxU+J64696jx6lBD5fDUQo8iMI=; b=JgvGUOHduRi2s3Cw1SkYp4/4x+glWoNB3GZDZIO89M8zGE/OqP4CUHxJJ9AZAHw3pf PipN6XATz+Te4dDYJTox7OoV0yqecL/YnJjJxhJGSBB9g2QuIBf9udbYF+y5GDxrih5B eK4zCXfyeroSj1D8+TMtfqUkRYhB2PPYTj93+4eeRWNK5Ly9UaS+fEs2PARE91shhgBw L8DFTVwh66K/hTd+j3A3k+JkLubariDCcoKaMjL3Iz6kQ1UbApVVN7ORUbCkG/8INZeC zNb61R53yWz49CTsTRS8SI0qyjwanKNFuds/VoS8dia8IM5eBwwJ9g4ZrgB2O8pHKSq7 aiBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=7O4Lwvud641UGf1xZKxU+J64696jx6lBD5fDUQo8iMI=; b=wePrpN7lbwd3tHubfOYWP7VxHBXkvsd6wI7ku+JbRJPqL9sTQRiB9JdPfvwmaH4jgH ys4kfSUnW/DwGaBTnw0wNKKP8sv12s5j4Qo0x0j4IeErdyxcHGXgafTTOB4pHTniYfCr D57Wo6M0yN9Pe6cAKxbKvFHwPAbteJUmnpOYTxGALAzDKfG1hcpnvsJzVxgM4MGC92Cy dTYQQt2791/Phgmltbq9ZSET1JKfzbTvc+h0bka/mgpeZwQuIHW0PeKvNdsA2teaF8jg Ix01HV/3Z7q25S1oWq0RWwXCOUwoxD+PYqYpz5wyXfONXFhXGZk38mO8LIzCNkzVRY4y A+yA== X-Gm-Message-State: AOAM533lTe+SVxxVs3yQLTGoa7I1cjl/CSFF360uZfXBU2+WXWgnyVaH Drzhk8h4aKm5/o/Ir+wZkyoeqpF+ksCWXPb2yUi/HdCY X-Google-Smtp-Source: ABdhPJzp1pjFEzotcIvfaVdKgRSPcMtEVIezdMww/YrgLspI3kVxf17zKd5eUQF17Op0k9zTXUCEtb0GG+bY2VGAAlU= X-Received: by 2002:a05:6a00:1a56:b0:50a:436f:6956 with SMTP id h22-20020a056a001a5600b0050a436f6956mr11280194pfv.20.1650273716160; Mon, 18 Apr 2022 02:21:56 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Asmita Thapliyal Date: Mon, 18 Apr 2022 14:51:44 +0530 Message-ID: Subject: Re: Azure AD authentication using app registration To: Dave Page Cc: pgadmin-hackers@postgresql.org Content-Type: multipart/alternative; boundary="000000000000a2497f05dcea4a35" List-Id: List-Help: List-Subscribe: List-Post: List-Owner: List-Archive: Archived-At: Precedence: bulk --000000000000a2497f05dcea4a35 Content-Type: text/plain; charset="UTF-8" Thank you Dave for your reply! Can it use OAUTH2 authentication available with Azure AD? I see only options available in OAUTH2 are for google & github. If it can be enabled could you give me some pointers on how to start incorporating this change? Thanks, Asmita On Thu, Apr 14, 2022 at 2:13 PM Dave Page wrote: > Hi > > On Thu, 14 Apr 2022 at 09:35, Asmita Thapliyal > wrote: > >> Hello! >> >> I don't see Azure AD authentication using app registration is >> available for pgadmin4. I see other authentication mechanisms via LDAP, >> OAUTH2 and kerberos. >> Could you let me know if there is a possibility of enabling it? >> > > We don't support Azure AD auth, and currently have no plans to add it. > You're welcome to add a feature request at > https://redmine.postgresql.org/projects/pgadmin4/issues, but it's > unlikely any of the regular developers will work on it in the near future. > > However, you can (in theory - I've never tested it) use Azure Active > Directory Domain Services to allow applications to authenticate using > Kerberos. See > https://techcommunity.microsoft.com/t5/itops-talk-blog/deep-dive-how-azure-ad-kerberos-works/ba-p/3070889 > > > -- > Dave Page > Blog: https://pgsnake.blogspot.com > Twitter: @pgsnake > > EDB: https://www.enterprisedb.com > > --000000000000a2497f05dcea4a35 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thank you Dave for your reply!
Can it use OAUTH2 a= uthentication available=C2=A0with Azure AD? I see only options available in= OAUTH2 are for google & github.=C2=A0
If it can be enabled c= ould you give me some pointers on how to start incorporating this change?

Thanks,
Asmita

On Thu, Apr 14, 2022= at 2:13 PM Dave Page <dpage@pgadmi= n.org> wrote:
Hi

On Thu, 14 Apr 2022 at 09:35, Asmita Thapliya= l <asmit= a.thapliyal@gmail.com> wrote:
Hello!

I don't= =C2=A0see Azure AD=C2=A0authentication using app registration is available= =C2=A0for pgadmin4. I see other authentication mechanisms via LDAP, OAUTH2 = and kerberos.
Could you let me know if there is a possibility of = enabling it?

We don't suppo= rt Azure AD auth, and currently have no plans to add it. You're welcome= to add a feature request at=C2=A0https://redmine.postgresql.org= /projects/pgadmin4/issues, but it's unlikely any of the regular dev= elopers will work on it in the near future.

Howeve= r, you can (in theory - I've never tested it) use Azure Active Director= y Domain Services to allow applications to authenticate using Kerberos. See= https://techc= ommunity.microsoft.com/t5/itops-talk-blog/deep-dive-how-azure-ad-kerberos-w= orks/ba-p/3070889=C2=A0

--
Dave Page
Blog: https://pgsnake.blogspot.com
Twitter: @pgsnak= e

EDB: ht= tps://www.enterprisedb.com

--000000000000a2497f05dcea4a35--