Public Services with Cloudron SSO or OIDC?

Reply to Public Services with Cloudron SSO or OIDC? on Thu, 08 Jun 2023 14:41:48 GMT

marcusquinn — Thu, 08 Jun 2023 14:41:48 GMT

Perhaps this is more suited to a Keycloak instance?

Reply to Public Services with Cloudron SSO or OIDC? on Thu, 08 Jun 2023 12:57:39 GMT

LoudLemur — Thu, 08 Jun 2023 12:57:39 GMT

Logging in with a Big Data account like Google might be convenient, but what happens if (when!) Google decides to suspend your account? Apart from this, there is creep in some applications where login through a proprietary software account is mandatory. If there is an alternative, it is to another proprietary, Big Data service. I hope this doesn't become the "new normal". I saw one case like this just earlier on today. It was for some beta access to a product. I didn't proceed.

Stuff like this is, in my view, creep towards a dystopic, techno-surveillance state, where you require a (Big Data verified) online identity to move anywhere in the internet, where there is zero prospect of anonymity, where persecution by The Powers That Shouldn't Be becomes effortless for them, where society can be shaped and culled in any way they like.

It is just my take on the subject. I hope you don't mind me leaping into your thread like this.

Reply to Public Services with Cloudron SSO or OIDC? on Thu, 08 Jun 2023 09:59:15 GMT

Kubernetes — Thu, 08 Jun 2023 09:59:15 GMT

Understood, so the use case is really to configure services I own, only.

Reply to Public Services with Cloudron SSO or OIDC? on Thu, 08 Jun 2023 09:57:47 GMT

girish — Thu, 08 Jun 2023 09:57:47 GMT

I imagine it will be complicated to keep the URL, Client ID/secret configurable.

Reply to Public Services with Cloudron SSO or OIDC? on Thu, 08 Jun 2023 08:41:12 GMT

Kubernetes — Thu, 08 Jun 2023 08:41:12 GMT

Got it, thank you.
I understand the point, but I was hoping there are some services which allow the user to configure the OIDC provider themself

Reply to Public Services with Cloudron SSO or OIDC? on Thu, 08 Jun 2023 08:32:46 GMT

luckow — Thu, 08 Jun 2023 08:32:46 GMT

Take flicker as an example. My technical understanding, in short: no, never. Not for reddit.com or anything else. Someone from the reddit development team read https://developers.google.com/identity/openid-connect/openid-connect and integrated this service into the login dialog of reddit.com. Because so many people have a Google account, this is very convenient for them.
Imagine if they had decided to support byo-OIDC, it would end up something like this

Reply to Public Services with Cloudron SSO or OIDC? on Thu, 08 Jun 2023 08:17:50 GMT

Kubernetes — Thu, 08 Jun 2023 08:17:50 GMT

I understood that Cloudron can provide OIDC to become the authentication Provider for services that support OIDC. If that is the case, I wonder what public services exist that can use Cloudron OIDC for user logins. Similar to what we see when some pages allow login with "Google Account" or "Apple Account"...

At flicker I didn't see any possibility to login with anything else than a flicker account.

Reply to Public Services with Cloudron SSO or OIDC? on Thu, 08 Jun 2023 08:11:48 GMT

luckow — Thu, 08 Jun 2023 08:11:48 GMT

I did not understand the question. Maybe this one? Website: flicker.com - possibility to connect your my.example.org Cloudron OIDC? In short, no, never.