This should be fixed now with the latest package.
AppDev
Cloudron App Packagers
Posts
-
Urgent Security update for OIDC plugin Wordpress -
ZeroNet@robi investigating ....
-
CCAI : Cloudron Custom App Installer@robi sorry for confusion
"CCAI" as a whole is not gone
Just the original browser-centric version requiring users to put auth creds in my site (yuk!)CustomAppGateway lives on, to install CCAI-P and individual apps.
https://customgateway.appx.ukThis will live for a while, definitely for a month after 9.1 is released, maybe as long as 3-6 months after 9.1.
-
ZeroNetpushed a new version v1.0.63
Test site : 191CazMVNaAcT9Y1zhkxd9ixMBPs59g2um
tweaked : v1.0.64
-
Urgent Security update for OIDC plugin WordpressThere's quite a bit of changes needed: the plugin has also moved to composer, we need a new platform release to adjust for the JWKS key handling, some changes to the package to whitelist the cloudron OIDC server since it appears WP is blocking it etc.
I think if someone is waiting for this, this will take a while. Best to not update the plugin (or if you already updated, you should roll back somehow).
-
CCAI : Cloudron Custom App Installer@IniBudi I didn’t make a video as the process is simple, and Cloudron 9.1 will take over soon.

As @humptydumpty (thank you for stepping in) said, the process is guided.
Some important points :
- CCAI original version is dead : site now directs you to CustomAppGateway which is the new start point
- CustomAppGateway gives you choice of installing individual apps from there, or installing CCAI-P which is maybe more useful if installing multiple custom apps
- for individual installations, CustomAppGateway shows a catalogue, pick an item, popup shows a description and a curl one line installation command. Copy that and paste into your desktop/laptop terminal. It will :
- prompt for your Cloudron, e.g. my.domain.tld
- prompt for a token (create this in your Cloudron dashboard | Profile | Tokens
- prompt for app location, eg myapp.mydomain.tld
- invoke the installation : note that it will likely complete quickly but your Cloudron needs another couple minutes to install the app
- for multiple custom apps, use CustomAppGateway to install CCAI-P : same process as above.
- you will then have an app in your Cloudron which can install further apps (displays the same catalog as CustomAppGateway but no more curl download links)
- store your creds in /app/data
- pick an app and watch installation proceed
- wait for completion notice.
Note : your auth creds are now always input in your control (your desktop or your own Cloudron environment), never in a 3rd party site.
Let me know if any other questions
-
Urgent Security update for OIDC plugin WordpressI am testing it right now, let's see what other issues are there.
-
Urgent Security update for OIDC plugin WordpressThe plugin has also started requiring the 'alg' param in JWKS keys. The field is optional (https://datatracker.ietf.org/doc/html/rfc7517#section-4.4) , but I have added it to our oidcserver now.
-
Urgent Security update for OIDC plugin WordpressThe current plugin version has some issues, I have left a note here - https://github.com/oidc-wp/openid-connect-generic/issues/633
-
Backup Region (DigitalOcean Spaces) not available