Finally! Mastodon using SAML for SSO \o/

It just took 4 hours, a bunch of mastodon restarts, an annoyed :sheogorath: me and some source code reading to end up with a working solution without workarounds(!) and a bug report.

I guess I should write a blog post now 😐

@valerauko I'm currently setting up keycloak as auth backend for all my services.

I'll definitely write some tutorial for that, because non exists for Mastodon + Keycloak yet. And I can tell that this would have been **really** helpful :D

@sheogorath i don't know what you use but the ruby-saml library is easy to use and contribute to as well

@valerauko Mastodon has already omniauth-saml integrated. Main problem was a bug that appeared due to the fact that I tried to link an existing account. Which caused Mastodon to generate a temporary email address which it then again tried to store in the user model but the user model didn't accept this "email" address as it was invalid.

Sign in to participate in the conversation
Sheogorath's Microblog

This instance is the microblog to my blog. You'll probably find more recent content here while finding more elaborated content on the blog. Impressum / Datenschutz / Privacy