mirror of
https://github.com/Mintplex-Labs/anything-llm.git
synced 2026-07-19 14:13:35 -04:00
[GH-ISSUE #1193] Implement Single Sign-On (SSO) Authentication with Azure Active Directory, GitHub, and Google #736
Closed
opened 2026-02-22 18:21:05 -05:00 by yindo
·
16 comments
No Branch/Tag Specified
master
5846-bug-when-scrolling-up-scrolling-jumps
refactor-remove-workspace-pfp
5969-bug-stopgenerationbutton-disappears-on-the-first-prompt-that-initiates-an-agent-session
2235-bug-how-to-upload-a-folder-with-subfolders-with-files-to-anythingllm
5990-workspace-update-fails-with-unknown-argument-router_id-v1130v1150-intel-mac
opencomputer-examples
pg
feat/image-generation-translations
feat/image-generation
5924-bug-meeting-summary-fails-with-sincludes-is-not-a-function-when-default-llm-is-anthropic-claude
render
feat/uniform-modal-component
5883-bug-unescaped-content-in-json-strings-being-passed-to-document-generator-tools
5901-bug-api-update-embeddings-fails-prisma-argument-filename-is-missing-on-workspace_documentscreate-desktop-windows-v1141
hybrid-search
1981-translations
5752-bug-prompts-to-local-jan-endpoint-unresponsive
feat-disable-native-tool-calling-env-var
5676-bug-non-ollama-agent-providers-do-not-parse-and-present-reasoning-content
feat/markdown-web-scraping
5717-bug-apiv1documentupload-silently-drops-metadata-field-in-desktop-1130-arg-count-mismatch-nested-payload-key
fix/aibitat-context-overflow
5711-bug-erratic-deepseek-v4-flash-the-agent-model-failed-to-respond-400-the-reasoning_content
5631-feat-custom-api-request-timeouts-for-ai-providers
feat-reasoning-control
feat-agent-clarifying-questions-translations
5583-bug-lm-studio-provider-does-not-present-reasoning-output
5313-normalize-translations
feat/memory-translations
5305-lemonade-embedding-engine-swallows-errors-falsely-reports-documents-as-embedded
5060-bug-agent-interactions-agent-are-not-persisted-to-thread-history-via-api
pptx-subagent
feat-render-images-from-mcp-tool-results
stt-provider-expansion-openai-api-compatible
feat-file-search-agent-tool
feat-native-embedder-job-queue
5189-normalize-translations
feat-file-search-agent-tool-translations
i18n-eslint
5140-auto-migration
5112-bug-openrouter-failed-message-bug
3506-feat-parameters-for-openrouter-models
4992-feat-preserve-scroll-position
4973-bug-markdown-numbered-list-display-in-reasoning-pane
desktop
4938-bug-pending-chat-rerendering-ui-bug
quickstart-env
node-llama-cpp-in-container-cuda
node-llama-cpp-in-container
ollama-in-container
4817-feat-set-cooldown-per-mcp-server
4845-keyboard-shortcuts-to-navigate-in-chat
4844-feat-reorder-threads-by-latest-interaction
standardize-username-constraints-normalize-translations
4792-feat-refactor-workspacepfp-image
1382-embed-ip-improvements
1382-bug-embed-api-improvements
refactor-eslint-frontend
4687-feat-refactor-vector-db-providers
4615-feat-disable-apidocs-with-environment-variable
4559-feat-agent-web-search-enable-ordering-of-results
4599-bug-ollama-race-condition-bug
4572-bug-lmstudio-provided-llm-stopped-working-with-anything-llm-after-upgrading-to-190
4508-agent-youtube-transcript-analysis
4497-feat-workspace-names
frontend-eslint
ollama-lmstudio-auto-context-window
4431-validate-vector-database-connectioN
2019-slash-command-keyboard-selection
microsoft-foundry-provider
4431-validate-vector-database-connection
4325-sys-prompt-var-improvements
3209-feat-apiv1workspacestream-chat-sources-citations
4210-bug-voice-to-text-overwrite
4136-feat-jan-as-a-backend-server-option
4172-feat-openai-o3-support
1.8.3-rerelease
web-push-notifications-service
tasks
3955-feat-jinaai-embedder-provider-support
3921-feat-agent-skills-uiux-improvements
3901-bug-validfunccall-checks-optional-arguments
keyboard-dev
1787-custom-roles-and-permissions
add-jira-slack-data-connector
office-extension-wip
lightmode-dropdown-color-update
3586-bug-agent-flow-function-description-provided-by-user-is-not-seen-in-the-llm-query
3463-bug-agent-continues-to-run-if-request-failed-even-after-exit
3439-feat-call-variables-within-the-flow-api-block-url-field
3282-manager-view-models-workspace
3280-token-counting-server-side-truncation-improvements
3147-bug-embedded-chat-widget---not-considering-query-mode-option-always-working-in-chat-mode
2995-feat-disable-temperature-setting-for-deepseek-r1-deepseek-reasoner-model
2827-feat-perplexity-citations
2866-feat-finally-a-gemini-models-endpoint
2647-feat-hpp-header-for-a-c++-code-file-mime-addition
lancedb-revert
1656-feat-implement-tooltip-ui-designs
2011-feat-bump-perplexity-models
1873-feat-auto-add-and-watch-folder-for-document-uploads
1297-feat-gemini-agent-support
1759-bug-ui-bug-fixes
1686-feat-implement-winston-for-logging
1536-bug-toggling-on-users-can-delete-workspaces-does-not-take-effect
agent-ui-mobile-styles
1522-feat-chromadb-support
1595-bug-unable-to-get-live-web-search-and-browsing-agent-working-using-google-custom-search-engine-error-getaddrinfo-enotfound-http-errno-3008
1582-bug-lm-studio-does-not-allow-for-different-model-selection
1312-bug-usernames-should-not-be-case-sensitive-when-logging-in
1029-feat-hf-serverless-inference-api
1086-feat-implement-normalized-input-fields
knowledge-graph-support
644-bug-uploaded-file-name-does-not-match-the-displayed-file-name-after-the-upload
v1.15.0
v1.14.2
v1.14.1
v1.14.0
v1.13.0
v1.12.1
v1.12.0
v1.11.2
v1.11.1
v1.11.0
v1.10.0
v1.9.1
v1.9.0
v1.8.5
v1.8.4
v1.8.3
v1.8.2
v1.8.1
v1.8.0
v1.7.8
v1.7.6
v1.7.5
v1.7.4
v1.4.0
v1.3.0
v1.2.4
v1.2.3
v1.2.2
v1.2.1
v1.2.0
v1.1.1
v1.1.0
v1.0.0
Labels
Clear labels
Desktop
Docker
Integration Request
Integration Request
OS: Linux
OS: Mobile
OS: Windows
UI/UX
blocked
bug
bug
core-team-only
documentation
duplicate
embed-widget
enhancement
feature request
github_actions
good first issue
investigating
needs info / can't replicate
possible bug
pull-request
question
stage: specifications
wontfix
Mirrored from GitHub Pull Request
Milestone
No items
No Milestone
Projects
Clear projects
No project
Notifications
Due Date
No due date set.
Dependencies
No dependencies set.
Reference: Mintplex-Labs/anything-llm#736
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
Delete Branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @bulik0071 on GitHub (Apr 26, 2024).
Original GitHub issue: https://github.com/Mintplex-Labs/anything-llm/issues/1193
What would you like to see?
I would like to suggest a new feature for the implementation of Single Sign-On (SSO) authentication using Azure Active Directory, GitHub, and Google. This feature would enhance security and streamline the login process by allowing users to authenticate through these widely-used platforms.
Why it would be useful:
This feature could potentially lead to higher user satisfaction and streamline workflows by reducing the barriers to entry. I believe that integrating SSO with these services would make a significant positive impact on the user experience.
@cope commented on GitHub (May 10, 2024):
This would be awesome!
@CultusMechanicus commented on GitHub (May 16, 2024):
Could we also keep a generic "read user from an Auth header" on the radar, as that would open up using basically any third party auth system. For instance, I have Open WebUI header-authenticating via a Cloudflare Access worker tied to Discord and GitHub.
@IamTaoChen commented on GitHub (May 21, 2024):
I use Keycloak. it's better to support generic OIDC.
@ozoromo commented on GitHub (Jun 12, 2024):
+1 on this feature, would make adoption into pre-existing environments much easier and make it easier for companies to use
@derkoe commented on GitHub (Jun 20, 2024):
I think using https://authjs.dev/getting-started/installation?framework=express might be the best solution since it supports multiple auth methods. The library used in #1326 only supports Google.
@vipr0105 commented on GitHub (Jun 20, 2024):
+1, at times majority of documents sit in O365 and SSO/AD integration shall make things more simpler. We could call those documents directly into LLM, by automating the complete process instead of manually feeding via GUI.
@bmkor commented on GitHub (Jul 2, 2024):
+1 Could also include LDAP auth which is commonly used in company environment.
@SeaDude commented on GitHub (Jul 8, 2024):
Has this enhancement been started yet? If so, where can I follow / maybe contribute to its progress?
@jlmatus commented on GitHub (Jul 22, 2024):
There's a PR from May that started implementing this (at least using google), but it hasn't been reviewed yet:
https://github.com/Mintplex-Labs/anything-llm/pull/1326
@sheneman commented on GitHub (Aug 9, 2024):
I just wanted to add that integrating Single Sign-On (SSO) with third-party authentication providers and OpenID Connect (OIDC) would greatly facilitate deploying this tool across our enterprise. In our case, we use OAuth and Azure Active Directory for authentication, along with Duo for multi-factor authentication (MFA).
I would personally love to see this feature request given a very high priority.
@chkrause commented on GitHub (Sep 18, 2024):
Are there any updates available? When will the integration with authorisation providers available?
@SeaDude commented on GitHub (Sep 18, 2024):
It would be HUGE to also implement Azure EntraID login to the DESKTOP app too.
The requirement to add an API key to use Azure Open AI is a blocker for many orgs.
(Of course the Docker image can be deployed centrally, but that in-turn introduces complexity.)
Imagine a world where enterprise users download a pre-vetted version of the AnythingLLM desktop app from the org's download center, login with their credentials, and now have access to the orgs Azure OpenAI.
That would basically be Enterprise ChatGPT...
@scooter7 commented on GitHub (Sep 19, 2024):
Hi, I'm also curious about this feature. It is the only thing I need before being able to implement AnythingLLM across my organization. Thanks!
@phosjlusky commented on GitHub (Nov 21, 2024):
I'd love to see built-in SAML support, A decent alternative would be header-based authentication so that I can authenticate in a proxy. Google
@dpcahill commented on GitHub (Dec 16, 2024):
+1 Please SAML integration. Especially for MS Entra.
@timothycarambat commented on GitHub (Jan 3, 2025):
Because there are limitless ways someone or an organization might want to manage access for SAML/SSO and, on top of that, even more specific flows and set ups, we have instead made a configuration you can enable SIMPLE_SSO, which allows you to generate a short-lived token URL that you can provision and redirect the user to that will log them into AnythingLLM automatically.
Now, you can build your own middleware that works with your specific process, provider, and UI/UX and on successful authentication pass the user the URL to be redirected to and have them be fully authenticated seamlessly.
Adding support for one provider means we need to add support for many many others and also the nuance of how people do authentication and frankly maintaining SSO will require so much bandwidth which is a distraction to the core proposition of this repo.
Now it is possible and fully flexible to whatever or however you want that flow to work.
Implement Single Sign-On (SSO) Authentication with Azure Active Directory, GitHub, and Googleto [GH-ISSUE #1193] Implement Single Sign-On (SSO) Authentication with Azure Active Directory, GitHub, and Google