HCL Domino Ideas Portal
Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.
For more information and upcoming events around #dominoforever, please visit our Destination Domino Page
This choice is available in Domino 14.0 when using Web Login with OIDC instead of SAML.
Steps to demonstrate:
Configure Web Login with OIDC per the documentation and test
Set OIDC_LOGIN_ENABLE_REDIRECT=0 in the server's notes.ini file
Rename domcfg.nsf to result in the "default" (yellow) session login form being used
Ensure that the Internet Site has username/password authentication over TLS is enabled as well as JWT authentication.
Restart the Domino server and connect to the site in question with an unauthenticated web browser. You should see the default yellow session login form with username and password fields and not one but two buttons, "Log In" and "Log in with OIDC".
If you also enable passkey authentication for that internet site, there will be three buttons on the default login form - "Log In", "Log in with a passkey", and "Log in with OIDC".
The domcfg template does not ship with a sample form that adds those extra buttons, but a custom login form could easily invoke the same back-end functionality as the yellow login form with a more pleasant color palette.
With two internet sites I have to have two IPs and in a balancer I have to manage two sites, one with authentication and one with SAML authentication.
I was wondering if it was possible, like other applications, to provide double authentication and access from the domcfg login page of choice.