Extension SSO

Title	SSO
Name	ckanext-sso
Type	Public extension
Description	OpenID connect plugin for CKAN used by the B.C. Catalogue.
CKAN versions	~2.7 Show details These CKAN Versions are exactely matched: 2.10.0 2.10.1 2.10.2 2.10.3 2.10.4 2.10.5 2.10.6 2.10.7 2.10.8 2.10.9 2.11.0 2.11.1 2.11.2 2.11.3 2.11.4 2.12.0 2.7.0 2.7.1 2.7.10 2.7.11 2.7.12 2.7.2 2.7.3 2.7.4 2.7.5 2.7.6 2.7.7 2.7.8 2.7.9 2.8.0 2.8.1 2.8.10 2.8.11 2.8.12 2.8.2 2.8.3 2.8.4 2.8.5 2.8.6 2.8.7 2.8.8 2.8.9 2.9.0 2.9.0a 2.9.1 2.9.10 2.9.11 2.9.13 2.9.2 2.9.3 2.9.4 2.9.5 2.9.6 2.9.7 2.9.8 2.9.9
Download-Url (zip)	https://github.com/bcgov/ckanext-sso.git#egg=ckanext-sso
Last commit	7 months ago (2025-06-03 15:57:22)
Url to repo	https://github.com/bcgov/ckanext-sso
Category	Authentication & Security

Description (long)	Show details ckanext-sso OpenID connect plugin for CKAN used by the B.C. Catalogue. Requirements Ckan 2.7 Notes Currently only supports keycloak This extension provides the ability for users to use access-tokens from Keycloak server to access CKAN functions via CKAN REST API. Via the `Authorization: Bearer` token format A new user will be created automatically in ckan database for corresponding keycloak user if it does not exist Original ckan auth still works normally with this extension, it only provides additional login means for rest access Installation To install 1) activate your virtual environment ie `source venv/bin/activate` 2) Install the requirements `pip install -r requirements.txt` 3) Install the package `python setup.py install` 4) Add `sso` settings in CKAN config file `ckan.plugins = sso {OTHER PLUGINS} ckan.sso.authorization_endpoint = http://localhost/auth ckan.sso.realm = master ckan.sso.client_id = client_id ckan.sso.client_secret = client_secret ckan.sso.sysadmin_group_name = admin ckan.sso.profile_group_field = groups ckan.sso.profile_username_field = preferred_username ckan.sso.profile_email_field = email ckan.sso.profile_fullname_field = name ckan.sso.profile_group_delim = / # for keycloak default` 5) Restart CKAN if it was already running
Version
Version release date	(not set)
Contact name	(not set)
Contakt email	(not set)
Contact Url	(not set)

Configuration hints	To install 1) activate your virtual environment ie `source venv/bin/activate` 2) Install the requirements `pip install -r requirements.txt` 3) Install the package `python setup.py install` 4) Add `sso` settings in CKAN config file “` ckan.plugins = sso {OTHER PLUGINS} ckan.sso.authorization_endpoint = http://localhost/auth ckan.sso.realm = master ckan.sso.client_id = client_id ckan.sso.client_secret = client_secret ckan.sso.sysadmin_group_name = admin ckan.sso.profile_group_field = groups ckan.
Plugins to configure (ckan.ini)	sso
CKAN Settings (ckan.ini)	`# ckan.plugins = sso {OTHER PLUGINS} # ckan.sso.authorization_endpoint = http://localhost/auth # ckan.sso.realm = master # ckan.sso.client_id = client_id # ckan.sso.client_secret = client_secret # ckan.sso.sysadmin_group_name = admin # ckan.sso.profile_group_field = groups # ckan.sso.profile_username_field = preferred_username # ckan.sso.profile_email_field = email # ckan.sso.profile_fullname_field = name # ckan.sso.profile_group_delim = / # for keycloak default`
DB migration to be executed	(not set)

ckanext-sso