#dominoforever | Product Ideas Portal


Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Make SSO happen using OAUTH across the portfolio and extend IAM accordingly as a starting point

Integration of products starts with SSO. In the fog of IBMs passed ignorance, we are stuck and suffer with an archaic LTPA implementation that causes more issues than good in todays trust-based IT-systems.

On the other hand, we have a fully-baked, not-integrated IAM OAUTH2 implementation for domino-db that would possibly be able to do authentication for Domino HTTP and XPages as well. Please extend this further to Sametime and Connections and in a 2nd step to support other OAuth Providers (private and public) to solve the SSO issues between the HCL Digital Solutions Portfolio once and for all.

And for those arguing about SAML - this is like OS/2 - it has lost the battle. Face the defeat.

  • Avatar32.5fb70cce7410889e661286fd7f1897de Guest
  • Mar 27 2020
  • Needs review
  • Attach files
  • Avatar40.8f183f721a2c86cd98fddbbe6dc46ec9
    Guest commented
    27 Mar 10:25am

    SAML stays relevant, but more for enterprise use. OAuth is more open to external users so both scenarios have their use cases. Azure AD combines them, as well as adfs 3.0 and above do. It is not so much the one or the other. But oAuth definitely opens up a wider range of use cases compared to SAML. If it is only about users of your company ldap, SAML stays a good and simple solution.