Integrating Backend Service with AzureAD token with Guacamole's SSO Extension

[ca...@me.com.INVALID]

Hello,
I'm currently working on integrating AzureAD with Guacamole's SSO extension. My goal is to pass the AzureAD ID token through the backend service and obtain the corresponding Guacamole user token. However, I'm facing challenges when attempting to send POST/GET requests to the /api/ext/openid/login endpoint. I understand that my approach might be incorrect, and I would greatly appreciate any suggestions or guidance on how to achieve this integration successfully.


Here's a clearer explanation of the desired workflow:
    • The user's ID token, generated by AzureAD, needs to be passed through our backend service.
    • The backend service should then forward the ID token to Guacamole's SSO extension.
    • Upon successful authentication, the Guacamole user token should be returned back to the backend service.


I have attempted to make requests to the /api/ext/openid/login endpoint, but I'm not getting the desired outcome. It's possible that I'm missing crucial steps or misconfiguring the integration (mostly from a lack of understanding) 


If anyone has experience with integrating AzureAD with Guacamole's SSO extension or suggestions on how to make this workflow work effectively, your insights would be highly appreciated.

Thanks! 
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@guacamole.apache.org
For additional commands, e-mail: user-help@guacamole.apache.org