Skip 2FA with OpenID Connect #13939
Labels
topic/authentication
type/feature
Completely new functionality. Can only be merged if feature freeze is not active.
Comments
zeripath
added
type/feature
|
Any updates on this or ideas for a work-around? |
zeripath
added a commit
to zeripath/gitea
that referenced
this issue
Aug 21, 2021
This PR adds a setting to OAuth and OpenID login sources to allow the source to override local 2FA requirements. Fix go-gitea#13939 Signed-off-by: Andrew Thornton <[email protected]>
6543
pushed a commit
that referenced
this issue
Sep 10, 2021
This PR adds a setting to OAuth and OpenID login sources to allow the source to skip local 2FA authentication. Fix #13939 Signed-off-by: Andrew Thornton <[email protected]>
lunny
added a commit
that referenced
this issue
Dec 14, 2021
…along with Setting Scopes (#16766) * Add setting to OAuth handlers to override local 2FA settings This PR adds a setting to OAuth and OpenID login sources to allow the source to override local 2FA requirements. Fix #13939 Signed-off-by: Andrew Thornton <[email protected]> * Fix regression from #16544 Signed-off-by: Andrew Thornton <[email protected]> * Add scopes settings Signed-off-by: Andrew Thornton <[email protected]> * fix trace logging in auth_openid Signed-off-by: Andrew Thornton <[email protected]> * add required claim options Signed-off-by: Andrew Thornton <[email protected]> * Move UpdateExternalUser to externalaccount Signed-off-by: Andrew Thornton <[email protected]> * Allow OAuth2/OIDC to set Admin/Restricted status Signed-off-by: Andrew Thornton <[email protected]> * Allow use of the same group claim name for the prohibit login value Signed-off-by: Andrew Thornton <[email protected]> * fixup! Move UpdateExternalUser to externalaccount * as per wxiaoguang Signed-off-by: Andrew Thornton <[email protected]> * add label back in Signed-off-by: Andrew Thornton <[email protected]> * adjust localisation Signed-off-by: Andrew Thornton <[email protected]> * placate lint Signed-off-by: Andrew Thornton <[email protected]> Co-authored-by: 6543 <[email protected]> Co-authored-by: Lunny Xiao <[email protected]> Co-authored-by: techknowlogick <[email protected]>
Chianina
pushed a commit
to Chianina/gitea
that referenced
this issue
Mar 28, 2022
…along with Setting Scopes (go-gitea#16766) * Add setting to OAuth handlers to override local 2FA settings This PR adds a setting to OAuth and OpenID login sources to allow the source to override local 2FA requirements. Fix go-gitea#13939 Signed-off-by: Andrew Thornton <[email protected]> * Fix regression from go-gitea#16544 Signed-off-by: Andrew Thornton <[email protected]> * Add scopes settings Signed-off-by: Andrew Thornton <[email protected]> * fix trace logging in auth_openid Signed-off-by: Andrew Thornton <[email protected]> * add required claim options Signed-off-by: Andrew Thornton <[email protected]> * Move UpdateExternalUser to externalaccount Signed-off-by: Andrew Thornton <[email protected]> * Allow OAuth2/OIDC to set Admin/Restricted status Signed-off-by: Andrew Thornton <[email protected]> * Allow use of the same group claim name for the prohibit login value Signed-off-by: Andrew Thornton <[email protected]> * fixup! Move UpdateExternalUser to externalaccount * as per wxiaoguang Signed-off-by: Andrew Thornton <[email protected]> * add label back in Signed-off-by: Andrew Thornton <[email protected]> * adjust localisation Signed-off-by: Andrew Thornton <[email protected]> * placate lint Signed-off-by: Andrew Thornton <[email protected]> Co-authored-by: 6543 <[email protected]> Co-authored-by: Lunny Xiao <[email protected]> Co-authored-by: techknowlogick <[email protected]>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Description
I have my OIDC provider which already asks for 2FA, but having 2FA enabled in Gitea makes users go through double 2FA authentication, which can be annoying.
Can you add an option to skip Gitea's 2FA when login in from an OIDC provider?
Thanks
The text was updated successfully, but these errors were encountered: