Skip to content

Allow Forcing all users to always use SSO#7119

Draft
hardillb wants to merge 9 commits intomainfrom
sso-everybody
Draft

Allow Forcing all users to always use SSO#7119
hardillb wants to merge 9 commits intomainfrom
sso-everybody

Conversation

@hardillb
Copy link
Copy Markdown
Contributor

@hardillb hardillb commented Apr 21, 2026
edited
Loading

fixes #6319

Description

Allows configuration of a single SSO provider that all users will be redirected to

image

Users trying to access /admin/* routes are not redirected to the SSO provider allowing admins to be able to login even when SSO is not working.

Related Issue(s)

#6319

Checklist

  • I have read the contribution guidelines
  • Suitable unit/system level tests have been added and they pass
  • Documentation has been updated
    • Upgrade instructions
    • Configuration details
    • Concepts
  • Changes flowforge.yml?
    • Issue/PR raised on FlowFuse/helm to update ConfigMap Template
    • Issue/PR raised on FlowFuse/CloudProject to update values for Staging/Production
  • Link to Changelog Entry PR, or note why one is not needed.

Labels

  • Includes a DB migration? -> add the area:migration label

@hardillb hardillb self-assigned this Apr 21, 2026
@codecov
Copy link
Copy Markdown

codecov Bot commented Apr 21, 2026
edited
Loading

Codecov Report

❌ Patch coverage is 16.66667% with 5 lines in your changes missing coverage. Please review.
✅ Project coverage is 76.27%. Comparing base (2b3a0ec) to head (6121eb8).

Files with missing lines Patch % Lines
forge/routes/api/settings.js 16.66% 5 Missing ⚠️
Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #7119      +/-   ##
==========================================
- Coverage   76.29%   76.27%   -0.02%     
==========================================
  Files         405      405              
  Lines       20348    20354       +6     
  Branches     4895     4896       +1     
==========================================
+ Hits        15525    15526       +1     
- Misses       4823     4828       +5
Flag Coverage Δ
backend 76.27% <16.66%> (-0.02%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@hardillb
Copy link
Copy Markdown
Contributor Author

hardillb commented Apr 21, 2026

Possible keycloak option for the logout url

https://suedbroecker.net/2021/05/18/simply-logout-from-keycloak/

@hardillb hardillb requested a review from knolleary April 21, 2026 17:31
@hardillb hardillb changed the title Force all users to always use SSO Allow Forcing all users to always use SSO Apr 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@knolleary knolleary Awaiting requested review from knolleary

At least 1 approving review is required to merge this pull request.

Assignees

@hardillb hardillb

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Allow instant redirect to SSO provider if only 1 SSO provider configured

1 participant

@hardillb