WTI SSO

Administrator logins to Mall on Rails will utilise the WTI SSO infrastructure.

The Key Treasures deployment will use our existing LDAP system. Customer deployments will use LDAP groups to allow for centralised authentication, allowing them access to services like GitLab as well. This group-based authorisation will be part of the configuration of Keycloak and will not require modification of the Mall on Rails system.

If a customer wishes to self-deploy Mall on Rails, they will need to set up database authentication using the Devise gem. This scenario is outside the scope of this planning document.