Hello Everyone,

I write this topic for know if it's possible to use OpenID Connect and keycloak with Lime Survey.

Indeed, i want install in my all survey authentification for all user and i have a application who use OIDC.

thank you for your forthcoming answers and  if i write that in the wrong channel  I'm sorry for that.

Cordially.

Can be done via plugin

For User / survey participant
gitlab.com/SondagesPro/TokenManagement/LdapTokenAuthenticate
gitlab.com/SondagesPro/OrcidAuthenticate

For admin : check core plugins

Thank you for your answer.

I have another question, can we use Single Sign-on protocole with Lime survey ? or Lime Survey can't use it ?

Cordially.

? It's the previous answer …
yes, with plugin .

See www.limesurvey.org/manual/Available_thir...thentication_plugins

DenisChenu wrote:

Can be done via plugin

For User / survey participant
gitlab.com/SondagesPro/TokenManagement/LdapTokenAuthenticate
gitlab.com/SondagesPro/OrcidAuthenticate

For admin : check core plugins

Ok sorry and thank you for your answer.

Can we have OTP instead of Access Token for survey authentication ?

Need to be constructed …
gitlab.com/SondagesPro/OrcidAuthenticate is an OAuth solution.

Can some one develop this plugin / piece of code for us? 

www.limesurvey.com/customization
extensions.sondages.pro/about/contact.html

It is possible to add a new authentication type by writing a plugin. I have done one.

OTOH, it does not really work as it should. For example, if the name and email come from another system (LDAP, Shibboleth, whatever), still the user sees a setting to change those.

DB table lime_users should contain a column telling the type of account, at least "local" or "external", and maybe could have values "ldap", "sb" etc.

Jmantysalo wrote:

DB table lime_users should contain a column telling the type of account, at least "local" or "external", and maybe could have values "ldap", "sb" etc.
 

Permission is here in 5.X but still : no password or email is needed for some Auth plugin.
Create fake one is an issue in my opinion …

I really appreciate your response buddies but its really difficult for me to understand anything

Let me lay down what i am looking for
1. We have closed survey
2. I want users to supply the OTP when they hit the survey LINK
3. We need this run time generated password so that survey does not work for forwarded links
4. OTP for participants - right now we are using access code but its a static value

We need this run time generated password so that survey does not work for forwarded links

There is a setting for tokens to limit them to a single use.

Uses left - www.limesurvey.org/manual/Survey_partici...s/en#Add_participant

There is a setting for tokens to limit them to a single use.

But if I am right, we are now looking a solution where a participant can not give his/her token to other people. For that I guess it is theoretically impossible. But maybe another web page protected by shibboleth or similar could create a link with variable, and that would be used with the panel integration -feature?

upstacksolutions wrote:

I really appreciate your response buddies but its really difficult for me to understand anything

Let me lay down what i am looking for
1. We have closed survey
2. I want users to supply the OTP when they hit the survey LINK
3. We need this run time generated password so that survey does not work for forwarded links
4. OTP for participants - right now we are using access code but its a static value
 

OK : think i got it
Something like this : gitlab.com/SondagesPro/SurveyAccess/extraRegisterPassword Token + Password but with a OTP

Sample :
1. User receive the token link and click on it
2. System send an email (for example) with a one time password
3. System show to user a form and «enter your one time passord»
4. System check in one time password sent are the same then one time password sent by email.

The one time passowrd have a limited lifetiùme (one hour or less), user can click on a link to receive another one.

Can be done in plugin.