Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse

Cloudron Forum

Apps | Demo | Docs | Install

Why self-hosting is important (this time: identity providers)

Scheduled Pinned Locked Moved Off-topic
8 Posts 5 Posters 389 Views
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • luckowL Offline
    luckowL Offline
    luckow translator
    wrote on last edited by
    #1

    https://techcrunch.com/2022/03/22/okta-january-hack-breach/

    Since Cloudron 7.1.x you are able to be your own identity provider. Let's hope something like keycloak comes to the App Store and you don't have to rely on third parties anymore.

    Pronouns: he/him | Primary language: German

    robiR L 2 Replies Last reply
    7
  • girishG Do not disturb
    girishG Do not disturb
    girish Staff
    wrote on last edited by
    #2

    okta's update https://www.okta.com/blog/2022/03/updated-okta-statement-on-lapsus/ but lapsus has replied on telegram. You can read it all here - https://news.ycombinator.com/item?id=30769537

    1 Reply Last reply
    1
  • robiR Offline
    robiR Offline
    robi
    replied to luckow on last edited by
    #3

    @luckow said in Why self-hosting is important (this time: identity providers):

    Since Cloudron 7.1.x you are able to be your own identity provider.

    For the other users reading this later, perhaps detail how this is possible.

    Life of sky tech

    L 1 Reply Last reply
    4
  • L Offline
    L Offline
    LoudLemur
    replied to robi on last edited by
    #4

    @robi
    Federated, self-hosted identity provision could be a very important alternative to state-imposed digital ID. I think there is a real prospect of our governments shutting people out from society/internet connection unless they comply with their own digital passports, which might end up going from phones to being implanted into our bodies. Some people argue this has already happened.

    fbartelsF robiR 2 Replies Last reply
    2
  • fbartelsF Offline
    fbartelsF Offline
    fbartels App Dev
    replied to LoudLemur on last edited by
    #5

    @LoudLemur said in Why self-hosting is important (this time: identity providers):

    state-imposed digital ID

    While it's important to have federation of ids and not just trust some big corporation. The thing is however that there are some cases where you need a verified id (legal transactions) and for these there is almost no way around either an id coming from your country of residence or maybe another institution such as banks.

    In the netherlands we have https://www.digid.nl/ which makes life so much easier.

    1 Reply Last reply
    3
  • robiR Offline
    robiR Offline
    robi
    replied to LoudLemur on last edited by
    #6

    @LoudLemur I agree with you. The why is obvious.

    However that doesn't address my previous message; as in How to do this with Cloudron to support X million users.

    Life of sky tech

    luckowL 1 Reply Last reply
    2
  • luckowL Offline
    luckowL Offline
    luckow translator
    replied to robi on last edited by
    #7

    @robi To give a few words of clarification. My intent was not to say: hey, build the new Okta with your Cloudron instance (on say a $20 VPS at Digitalocean).

    Having your own identity provider means, in my world: you don't have to rely on third-party software to connect YOUR users to apps. In the first step (with Cloudron v. 7.1.x), all your users in Cloudron LDAP use locally installed apps and also apps running outside your Cloudron with an LDAP connector.
    You can scale some apps (e.g., Gitlab) to a separate VPS or bare metal and connect that app to your Cloudron instance. Or install apps that are not available in the app store.
    Limitation: you need apps with LDAP capabilities.

    If the Cloudron app store offers an app like Keycloak or Authentik, you also have the option of connecting apps via OpenID Connect or Oauth.

    What we don't get in the short term: Cloudron LDAP/SSO as a social login button on relevant third party SaaS offerings 😉 That's the place for auth0, twitter, facebook, gitlab, github ....

    Pronouns: he/him | Primary language: German

    1 Reply Last reply
    5
  • L Offline
    L Offline
    LoudLemur
    replied to luckow on last edited by
    #8

    @luckow Events like this might be useful for some targeted marketing. If Cloudron kept a blog of some sort, we might be able to recruit new users by publishing a story highlighting how Cloudron self-hosting can offer an alternative to the usual, proprietary options.

    In this case, people might be looking for some other solution for providing identity. After creating the article, ensuring that it is disseminated to platforms where it is more likely to receive a read would help. It would need visiting sites like slashdot, reddit, etc and linking the story with a brief introductory paragraph.

    1 Reply Last reply
    0

  • Login

  • Don't have an account? Register

  • Login or register to search.
  • First post
    Last post
0
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Login

  • Don't have an account? Register

  • Login or register to search.