#dominoforever | Product Ideas Portal

 

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Make SSO happen using OAUTH across the portfolio and extend IAM accordingly as a starting point

Integration of products starts with SSO. In the fog of IBMs passed ignorance, we are stuck and suffer with an archaic LTPA implementation that causes more issues than good in todays trust-based IT-systems.

On the other hand, we have a fully-baked, not-integrated IAM OAUTH2 implementation for domino-db that would possibly be able to do authentication for Domino HTTP and XPages as well. Please extend this further to Sametime and Connections and in a 2nd step to support other OAuth Providers (private and public) to solve the SSO issues between the HCL Digital Solutions Portfolio once and for all.

And for those arguing about SAML - this is like OS/2 - it has lost the battle. Face the defeat.

  • Guest
  • Mar 27 2020
  • Needs review
  • Attach files
  • Guest commented
    27 Mar, 2020 10:25am

    SAML stays relevant, but more for enterprise use. OAuth is more open to external users so both scenarios have their use cases. Azure AD combines them, as well as adfs 3.0 and above do. It is not so much the one or the other. But oAuth definitely opens up a wider range of use cases compared to SAML. If it is only about users of your company ldap, SAML stays a good and simple solution.