Skip to main content

Cookie settings

We use cookies to ensure the basic functionalities of the website and to enhance your online experience. You can choose for each category to opt-in/out whenever you want.



Analytics and statistics


Better control of the OmniAuth authentication flows + adding new OmniAuth strategies

Avatar: AH
Currently Decidim is somewhat "locked" to the OmniAuth strategies that it ships with as defined here: To add new methods, you will need to override the constant which is a bad convention. Another thing is that with certain OmniAuth strategies, we need to have the control over the callback route and possibly also of the sign out route (in order to send a sign out request to the service in question). These are not straight forward to implement in Decidim right now. As an example, you can take a look at the module we've built which is a SAML2 based authentication method: Here is what we need to do to add the new OmniAuth strategy in the first place: Here is what we need to do to take control of the callback and passthru routes: Here is what we need to do to take control of the sign out flow: If you spend few moments investigating those pieces of code, you will notice that it's quite a hack currently to implement these. It's even worse when we have to implement multiple methods that all need e.g. individual sign out flow controls.


Please log in

The password is too short.