I am writing an app in node red that has a GUI component that allows humans to login to a web page. To login, I want to authenticate the user against an existing AD using ADFS. Is there a node that allows me to do this? I'm not having much luck finding a solution.
I am told that if ADFS is not possible, I can authenticate using Kerberos as well.
Can anyone point me in the right direction or provide a solution?
While I've never actually got round to doing this, I understand that Node-RED uses Passport which is a popular extension to ExpressJS which Node-RED uses to provide its web interfaces.
As such, there are plugins for Passport that provide both Azure Active Directory - which I think is what you want when you talk about "ADFS" since that is what connects an on-premise AD to AAD in the cloud. And also for Kerberos.
Of course, Kerberos is only suitable for LAN-based authentication and shouldn't generally be used over the Internet. It is the product of a bygone age.
To make use of AAD based logins, you will need to have access to your Azure configuration - or perhaps more likely - access to someone who is an administrator. It will require configuration in Azure.
If you really want to be a masochist, you could also use a SAML approach (again, against AAD). This is more robust but rather harder and more involved to configure.
Thanks for the info. It's an on-premise AD for now, not sure what the future holds. So maybe for flexibility I should use ADFS/AD using Passport. I will read up on that.