Uploaded image for project: 'Ansible Automation Platform RFEs'
  1. Ansible Automation Platform RFEs
  2. AAPRFE-2231

RFE: Entra Saml Authentication for Entra Service Principals.

XMLWordPrintable

    • False
    • Hide

      None

      Show
      None
    • False

      1. Goals
        Allow external auth service accounts to authenticate to Ansible Automation Platform.

      Background and strategic fit
      Right now all service accounts must either be created to act like actual users or be local accounts inside of the Ansible Automation Platform, We should support third party service accounts.

      Summary
      Over a year ago Micrsoft Entra introduced service principals which are essentially Service accounts that act on an apps behalf. Customers would like to be able to use these accounts to access the AAP API. Currently Microsoft does not allow these to be authenticated through the GUI, to create an AAP token. Microsoft Entra does work with SAML authnication for users on AAP. 

      Problem Description
      Third party service accounts are unable to authenticate to Ansible Automation platform using Microsoft entra. Once authenticated by Entra, the service account cannot get an authorization cookie or token back, in order to access the AAP API

              rh-ee-rreed Ron Reed
              rhn-gps-ssulliva Sean Sullivan
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated: