SSO for services that use CA-based authentication.
Clone or download

README.md

ssoca

MIT licensed Alpha stability Coverage Status

SSO for services that use CA-based authentication.

For when you might want...

  • ssh users to authenticate against Cloud Foundry UAA,
  • Google Cloud project owners to have access to an OpenVPN server, or
  • a GitHub team to access a network with sshuttle

With the caveat that this repo...

  • is a work in progress, and
  • is open source to help facilitate demos, discussion, and reviews to continue its evolution

Summary

Supporting services like...

Supporting authentication from (and restricting by)...

  • GitHub - organization, team, user
  • Google - email, email domain, Cloud project+role
  • HTTP Basic

Supporting certificate authority keys stored in...

  • In-memory
  • Local filesystem

Supported technically by...

  • authentication being delegated to an external service (like Okta, UAA, GitHub, OAuth), and
  • external services being configured to trust a particular certificate authority, with
  • ssoca validating authentication and signing short-lived certificates.

Details

License

MIT License