Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Discuss
  3. How do you login via oidc supported apps on mobile?

How do you login via oidc supported apps on mobile?

Scheduled Pinned Locked Moved Discuss
16 Posts 5 Posters 811 Views 5 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • humptydumptyH humptydumpty

    I’m trying to log in to my wekan app on ios using brave and the sign in with oidc button doesn’t do anything. How does this work?

    Another question, is it possible to disable oidc for all apps?

    girishG Offline
    girishG Offline
    girish
    Staff
    wrote on last edited by
    #6

    @humptydumpty On iOS Firefox, Settings -> Block Popup Windows -> Disable . Then, clicking on the OIDC button opens a popup to login.

    Another question, is it possible to disable oidc for all apps?

    As in, you want it to use LDAP over OIDC ? Otherwise, when installing, do not use Cloudron User Management.

    Assuming, this is related to OIDC issue here, this is only a quirk in Wekan that it shows a popup. This has to be fixed in Wekan somehow.

    1 Reply Last reply
    0
    • girishG Offline
      girishG Offline
      girish
      Staff
      wrote on last edited by
      #7

      For Brave, maybe https://community.brave.com/t/how-do-i-enable-pop-ups/197532/ works.

      For Safari, it's in Settings -> Safari -> Allow popups.

      1 Reply Last reply
      1
      • humptydumptyH Offline
        humptydumptyH Offline
        humptydumpty
        wrote on last edited by humptydumpty
        #8

        I changed the popup setting in brave but it still won’t log in. Most definitely yes, ldap over oidc any day, but better yet, plain old user/pass. It’s not a hassle with a pass manager like vault/bit warden. Can i disable oidc server wide?

        For some apps, i like to have different accounts, like one user and one admin. I sometimes have more that are related to what I’m using the account for, personal vs business or business 1, business 2, etc. since not all apps have good user management features built-in. I’m not sure how i can do that with oidc (easily that is).

        Popup fix worked for safari but not for brave. Good enough for me. I use Firefox focus on mobile and i don’t see any popup setting. Not surprised since it’s made for privacy from the ground up.

        I’ve had wekan installed for ages. Will have to reinstall to implement the regular user management option. Is it possible to have this feature added to CR so we can switch it from the access control section?

        girishG 1 Reply Last reply
        1
        • humptydumptyH humptydumpty

          I changed the popup setting in brave but it still won’t log in. Most definitely yes, ldap over oidc any day, but better yet, plain old user/pass. It’s not a hassle with a pass manager like vault/bit warden. Can i disable oidc server wide?

          For some apps, i like to have different accounts, like one user and one admin. I sometimes have more that are related to what I’m using the account for, personal vs business or business 1, business 2, etc. since not all apps have good user management features built-in. I’m not sure how i can do that with oidc (easily that is).

          Popup fix worked for safari but not for brave. Good enough for me. I use Firefox focus on mobile and i don’t see any popup setting. Not surprised since it’s made for privacy from the ground up.

          I’ve had wekan installed for ages. Will have to reinstall to implement the regular user management option. Is it possible to have this feature added to CR so we can switch it from the access control section?

          girishG Offline
          girishG Offline
          girish
          Staff
          wrote on last edited by
          #9

          @humptydumpty said in How do you login via oidc supported apps on mobile?:

          Can i disable oidc server wide?

          You have to choose this when installing the app. If not, then you can put in a feature request in the app section here and we can fix it up. We haven't implemented a dynamic toggle for user authentication. This is mostly because of technical reasons. Most apps cannot handle it if you switch from LDAP/OIDC to normal user mode (not in an automated fashion anyway).

          humptydumptyH 1 Reply Last reply
          1
          • girishG girish

            @humptydumpty said in How do you login via oidc supported apps on mobile?:

            Can i disable oidc server wide?

            You have to choose this when installing the app. If not, then you can put in a feature request in the app section here and we can fix it up. We haven't implemented a dynamic toggle for user authentication. This is mostly because of technical reasons. Most apps cannot handle it if you switch from LDAP/OIDC to normal user mode (not in an automated fashion anyway).

            humptydumptyH Offline
            humptydumptyH Offline
            humptydumpty
            wrote on last edited by
            #10

            @girish said in How do you login via oidc supported apps on mobile?:

            You have to choose this when installing the app.

            Most of my apps were installed pre-oidc, and it wasn't really a problem to have LDAP along with regular user management (on top of my head, WP works fine) since you could choose which cloudron account you want to log in with. When trying to reinstall Wekan, I don't see an option to select LDAP or OIDC. It says to leave management to the app or use Cloudron's.

            1 Reply Last reply
            1
            • nebulonN Offline
              nebulonN Offline
              nebulon
              Staff
              wrote on last edited by
              #11

              so yes if Cloudron usermanagement is used, it may either be OpenID or LDAP. I guess the main issue is, that wekan OpenID does not work too well on those browsers, since it is written to use a popup window, unlike most other apps, which use redirection. Maybe worth mentioning this upstream, as other non-Cloudron users would also benefit then.

              humptydumptyH 1 Reply Last reply
              2
              • nebulonN nebulon

                so yes if Cloudron usermanagement is used, it may either be OpenID or LDAP. I guess the main issue is, that wekan OpenID does not work too well on those browsers, since it is written to use a popup window, unlike most other apps, which use redirection. Maybe worth mentioning this upstream, as other non-Cloudron users would also benefit then.

                humptydumptyH Offline
                humptydumptyH Offline
                humptydumpty
                wrote on last edited by humptydumpty
                #12

                @nebulon I hopped on Wekan's repo and upon first search before posting, I found this thread:

                Partial quoting of dev's response:

                 xet7 commented Aug 29, 2023 •
                
                You can select only LDAP or OAUTH2. Not both. Dropdown selection is between one external authentication and password login.
                
                

                Source: https://github.com/wekan/wekan/issues/5109

                Will open a new ticket regarding the pop-up vs redirection suggestion.

                Issue opened: https://github.com/wekan/wekan/issues/5231

                1 Reply Last reply
                2
                • humptydumptyH Offline
                  humptydumptyH Offline
                  humptydumpty
                  wrote on last edited by
                  #13

                  Quoting dev (xet7). Issue tagged as a bug.

                  PRs welcome.
                  
                  I have tried to get using redirect working, but I did not get it working.
                  
                  1 Reply Last reply
                  1
                  • ruihildtR Offline
                    ruihildtR Offline
                    ruihildt
                    wrote on last edited by
                    #14

                    I've had the unpleasant surprise of being blocked from login on my TT-RSS instance, because suddenly OIDC is a thing, after an automatic update. 😕

                    The TT-RSS app only allows to enter a username and password, and my Cloudron account requires to use 2FA for login.

                    What are my options now?

                    1 Reply Last reply
                    1
                    • girishG Offline
                      girishG Offline
                      girish
                      Staff
                      wrote on last edited by
                      #15

                      @ruihildt not related to this thread but you have to create an app password in ttrss . See https://forum.cloudron.io/topic/10571/app-cannot-login-with-oidc

                      ruihildtR 1 Reply Last reply
                      1
                      • girishG girish

                        @ruihildt not related to this thread but you have to create an app password in ttrss . See https://forum.cloudron.io/topic/10571/app-cannot-login-with-oidc

                        ruihildtR Offline
                        ruihildtR Offline
                        ruihildt
                        wrote on last edited by
                        #16

                        @girish Thank you, somehow missed the thread.

                        1 Reply Last reply
                        0
                        Reply
                        • Reply as topic
                        Log in to reply
                        • Oldest to Newest
                        • Newest to Oldest
                        • Most Votes


                        • Login

                        • Don't have an account? Register

                        • Login or register to search.
                        • First post
                          Last post
                        0
                        • Categories
                        • Recent
                        • Tags
                        • Popular
                        • Bookmarks
                        • Search