SSO authentication with Icinga Director


I would like to implement a SSO authentication system in front of my future Icinga2 infrastructure.

After reading the documentation, it will be fine for the Icinga2 API. As the API is under /v1, I’ll whitelist this path in my SSO configuration so I can continue to use the ApiUser objects :slight_smile:

But for Icinga Director, the documentation says: “Most URLs you can access with your browser will also act as valid REST url endpoints.”. And the authentication is based on user account of Icinga Web 2.

So I cannot whitelist the URLs of Director in my SSO configuration, because it will break the SSO for real user.

Is there any possibility to configure the Director API with a prefix?

Do not hesitate to request more details if my post is not obvious :slight_smile:

Thanks for reading.