18-22 October 2021
Europe/Amsterdam timezone

OIDC Support for Windows using Putty

20 Oct 2021, 11:45
go.egi.eu/egi2021-1 (Zoom Room 1)


Zoom Room 1


Dmytro Dehtyarov


OpenID Connect (OIDC) is an identity layer on top of the OAuth 2.0 protocol. Relying on OIDC for identity and access management can significantly simplify the process of providing access to users, especially for non-web applications where the management of typically used SSH keys is often laborious and error-prone.
This project aims to provide client-side support for OIDC access tokens for Putty - one of the most famous SSH clients for Windows. With the newly developed OIDC support for the server-side [https://github.com/EOSC-synergy/ssh-oidc], this effort fills the gap of the missing OIDC client functionality for Windows. Together, they provide a complete solution to manage users' access based on OIDC/OAuth2.

The project consists of two parts. The first part aims to port the oidc-agent to Windows. Oidc-agent is a set of command-line tools for Linux and macOS that enables users to manage and obtain OIDC access tokens. It follows the design of the ssh-agent and, as such, it can be easily integrated into the user's flow. The expected impact of this subtask is potentially huge. Users from many communities that may use this tool (such as HPC or any other community that needs constant access to computing and storage resources as part of their work) typically rely on Windows as their primary operating system.

In the second part of the project, we are going to integrate the oidc-agent with Putty. Users will be able to choose between using SSH with pageant - a Putty's ssh key manager or using SSH with OIDC-tokens against an OIDC-capable ssh-server.

Most suitable track Delivering services and solutions

Primary authors

Presentation Materials