HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.


For more information on products and upcoming events around #dominoforever, please visit: HCL Domino Page


Add a new idea Subscribe
Status Shipped
Workspace Domino
Categories Administration
Created by Guest
Created on Jun 11, 2025

RELATED IDEAS

OIDC Web authentication without person document

Currently it is required to have user's person documents in Domino directory to allow OIDC web authentication. We would like to propose to allow user's from external directory to use Domino OIDC for web auth without requiring to create person document in Domino NAB

Release
Domino 2026 (14.5.1)
Release date
Mar 19, 2026
  • Attach files
  • Guest
    Mar 20, 2026

    Domino 14.5 can be set-up to use OIDC for web authentication (e.g. via Keycloak) so that users can authenticate without needing person documents in a Domino directory. Users then get the "-Default-" level of access to application databases.

    It would be nice if we could use "email" addresses in ACL groups so that users could be granted different levels of access to application databases in this scenario.

    As I think suggested, it would be nice if via OIDC an additional claim could be returned that would be used as the authenticated Notes user name (this should be optional).


    Reply
  • Guest
    Jun 16, 2025

    Should also be able to assign "sub" as Notes username instead of "email" as it is now

    1 reply
                                    Copyright © 2025 HCLSoftware Limited