[GH-ISSUE #696] [FEAT]: Header authentication to support various forms of auth and SSO #399

Closed
opened 2026-02-22 18:19:18 -05:00 by yindo · 1 comment
Owner

Originally created by @icsy7867 on GitHub (Feb 8, 2024).
Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/696

What would you like to see?

Header auth using sso/saml is one of my favorite and easiest ways to implement SSO to a page.

Authelia is one popular tool, as well as apache Mellon. These tools basically set a header variable for a username after it has successfully authenticated the user.

Netbox Has an excellent implementation of this
https://demo.netbox.dev/static/docs/administration/authentication/

For authentication on the app side, if header auth is enabled, the built in login mechanism is disabled. The app generally reads the REMOTE_User header value. If it's set, register the user and authenticate them automatically.

Typically for sso/saml you can control who has access on the idp side. SSO services can even pass through groups or AD groups which gives some neat possibilities in an enterprise setting.

Awesome tool! I know your busy with it, but just wanted to toss this one out there.

Originally created by @icsy7867 on GitHub (Feb 8, 2024). Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/696 ### What would you like to see? Header auth using sso/saml is one of my favorite and easiest ways to implement SSO to a page. Authelia is one popular tool, as well as apache Mellon. These tools basically set a header variable for a username after it has successfully authenticated the user. Netbox Has an excellent implementation of this https://demo.netbox.dev/static/docs/administration/authentication/ For authentication on the app side, if header auth is enabled, the built in login mechanism is disabled. The app generally reads the REMOTE_User header value. If it's set, register the user and authenticate them automatically. Typically for sso/saml you can control who has access on the idp side. SSO services can even pass through groups or AD groups which gives some neat possibilities in an enterprise setting. Awesome tool! I know your busy with it, but just wanted to toss this one out there.
yindo added the enhancementfeature request labels 2026-02-22 18:19:18 -05:00
yindo closed this issue 2026-02-22 18:19:18 -05:00
Author
Owner

@timothycarambat commented on GitHub (Apr 26, 2024):

Moving convo to #1193

@timothycarambat commented on GitHub (Apr 26, 2024): Moving convo to #1193
yindo changed title from [FEAT]: Header authentication to support various forms of auth and SSO to [GH-ISSUE #696] [FEAT]: Header authentication to support various forms of auth and SSO 2026-06-05 14:35:06 -04:00
Sign in to join this conversation.
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Mintplex-Labs/anything-llm#399