Implement SSO Authentication in NBI and osmclient

Proposers

• Luis Vega (Whitestack)
• Gabriel Cuba (Whitestack)

Description

Right now, the NBI Authentication Backend has two options: Internal or Keystone. We want to add the possibility to use an SSO type of authentication to OSM, to simplify the user experience by reducing the need to enter multiple login credentials for different systems.

As part of the design, it will be evaluate what is the best option to implement SSO. One option, to be studies, is to rely on the multiple SSO protocols that Keystone already supports.

Demo or definition of done

• OSM can authenticate a user using SSO
• The integration with authentication platforms must be properly documented.
• A Robot test will be created to test this functionality against either a public OpenID connect server (Google OAuth Server) or a private server based on Keycloak.