YunoHost SSO communicate LDAP groups to apps

My YunoHost server

Hardware: VPS bought online
YunoHost version: 3.6
I have access to my server : Through SSH and through the webadmin
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : no

Description of my issue

Hello beautiful YunoHost-community. I hope to have come to the right place, if not, feel free to close this topic without notice.
I want migrate from a custom KeyCloak+NextCloud+DokuWiki solution to YunoHost. KeyCloak is a SSO and user management solution.
I succeeded in setting up apps and users, but there are no groups of users and therefore no access control. However, my wiki depends heavily on access control, that I can manage in KeyCloak. I am aware of YunoHost being a selfhost-solution, I need access control because I’d like to set it up for a NGO. If that’s not possible altogether, so be it, but I love the project so I’d like to try.

My question now is (because I have trouble putting the terms in context):

Will the 3.7.x permission update described here [1] allow for roles / groups to be used inside the apps via LDAP? Like, will NextCloud or DokuWiki be aware of the groups and can I restrict access on that base?

From what I found it is only to decide whether a user has access to an app in a binary scheme, but LDAP supports groups, so I assume they would be available through the SSO?

I hope I’m getting things straight, I’d like to help out in the community as well as soon as I’m done with the basics…


[1] github: YunoHost/yunohost/pull/585

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.