mirror of
https://github.com/plankanban/planka.git
synced 2026-02-24 19:08:59 +03:00
LDAP authentication #57
Reference in New Issue
Block a user
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @rpelissi on GitHub (Jan 6, 2021).
Hi and Happy New Year! I wish you the best for the new year!
Just to let you know that I love this solution. What could be even more cool is to add ldap authentification to the solution.
Thanks again for your work!
R.
@nickbe commented on GitHub (Jan 7, 2021):
We just added this to our list. Thanks for hinting.
@ikaruswill commented on GitHub (Jan 8, 2021):
+1 Would appreciate this feature as well.
By the ways, just a shoutout to you guys. Really appreciate the work you guys have put in to Planka. I like the fact that it's lightweight, snappy, and simple. I've tried many alternatives out there like Wekan, Kanboard, Taiga, Restyaboard, but all of them are either too heavy, or too specialized for a specific purpose (Software development for e.g.)
@swatcats commented on GitHub (Jul 27, 2021):
+1
@erwaan commented on GitHub (May 27, 2022):
Hello everyone !
I am looking to add a connection functionality to an LDAP. I'm still figuring out how and where to implement it. I have some leads so far, in the files
/client/src/actions/login.jsor/client/src/actions/entry/login.js, or by using the functions defined inclient/src/api/user.jsIf anyone here has any leads for research or indications, I'm all ears.
Thank you !
EDIT (3rd June 2022) : Now I manage to make calls to a test ldap in the
/server/api/controllers/access-token/create.jsfile. The goal would be to establish a connection with a user here, to return an access token needed to connect. This token is verified in/client/src/sagas/login/services/login.js.@erwaan commented on GitHub (Jun 15, 2022):
I finally managed to add authentication by ldap, I will share my code for a pull request as soon as possible
@kaptinlin commented on GitHub (Jun 16, 2022):
+1 for ldap support
@nickbe commented on GitHub (Jun 21, 2022):
@erwaan Very nice!
@kaptinlin commented on GitHub (Jun 25, 2022):
@erwaan look forward to the pull request.
@erwaan commented on GitHub (Jun 29, 2022):
I will make the pull request with my company's account @astenmco
@astenmco commented on GitHub (Jun 29, 2022):
Here it is #268
@accade commented on GitHub (May 12, 2023):
Any news about this would be very appreciate.
@ghost commented on GitHub (May 16, 2023):
+1 for efforts !
@13robin37 commented on GitHub (Jul 31, 2023):
Any chance you can check that PR @astenmco? Nice work!
@astenmco commented on GitHub (Aug 10, 2023):
It's done ! :)
@Vibeshibe commented on GitHub (Aug 10, 2023):
Really looking forward to LDAP support
@pca-homsi commented on GitHub (Dec 8, 2023):
You have an option to work with OIDC provider backed by an LDAP database like the ldap user federation in keycloak
@trivialkettle commented on GitHub (Apr 3, 2024):
Any news on this one?
@meltyshev commented on GitHub (Apr 3, 2024):
We plan to add this, but it's hard for us to provide an exact date, we're solving major issues for v2 right now. There's a good chance it will be in the v2 release.
@meltyshev commented on GitHub (May 12, 2025):
Thanks for the note! We’ve tested this setup, and it works. Adding native LDAP support directly to PLANKA is quite challenging at the moment, as it would require numerous configuration options and increase maintenance overhead.
Here’s a brief outline of how this can be done:
Install Keycloak.
In Keycloak, go to User Federation and add a new LDAP provider.
Once LDAP is configured, create an OpenID client in Keycloak.
Finally, configure OpenID in PLANKA using the official documentation:
https://docs.planka.cloud/docs/configuration/oidc/.
@mytrashon commented on GitHub (Jun 5, 2025):
Hello @meltyshev
I have set up Planka and Cloak in separate Docker containers and configured integration with AD LDAP. The issue is that Cloak runs over HTTPS using a self-signed certificate. As far as I understand, Planka connects to Cloak via an OIDC client, which has a hardcoded rule to reject self-signed certificates. When I try to connect, I get the following error:
planka [W] Error while initializing OIDC client: Error: self-signed certificate
planka [E] Sending 500 ("Server Error") response:
I successfully added my certificate via a Dockerfile in Alpine, but it didn’t help. Apparently, some component within Planka has its own certificate handling rules.
How can I fix this and make the OIDC client accept my self-signed certificate?
Thank you!
@meltyshev commented on GitHub (Jun 5, 2025):
Hi! This might be resolved using the approach mentioned here (if you haven't tried it yet): https://github.com/plankanban/planka/issues/925#issuecomment-2441909192.
@mytrashon commented on GitHub (Jun 5, 2025):
Thank you very much, everything works fine.
Sorry for the additional bother, but could you please tell me why user management is not available in Planka for users created via SSO login?
For example, I can't assign such a user as an administrator. Button is inactive.
Thank you!
@meltyshev commented on GitHub (Jun 5, 2025):
Great to hear that it worked!
The role selector is inactive because PLANKA uses OIDC roles as the source of truth. However, you can disable role syncing by setting
OIDC_IGNORE_ROLES=true, which will allow you to configure roles directly in PLANKA.