fediversity/fediversity
13
2
Fork 6
Code Issues 160 Pull requests 27 Projects 1 Activity Actions

single sign-on (SSO) for services #212

New issue
Open
opened 2025-02-28 08:49:09 +01:00 by kiara · 0 comments
kiara commented 2025-02-28 08:49:09 +01:00
Owner
Copy link

As a Fediversity user,
given I run multiple Fediversity applications,
I want my users to be able to log in across these services using a single account,
so that they may enjoy a streamlined authentication experience across my services.

implementation notes

  • selfhostblocks support
    • their OIDC SSO of authelia looks reasonable
  • provision SSO like kanidm-provision (does not integrate with LDAP)?
  • c.f. #337, which provides for central user management behind such SSO
  • app-specific integrations:
  • c.f. contract support (#605)

application OIDC support (c.f. apps-sheet):

  • mastodon:
  • pixelfed:
  • peertube:
  • nextcloud: 1 2
**As** a Fediversity user, **given** I run multiple Fediversity applications, **I want** my users to be able to log in across these services using a single account, **so that** they may enjoy a streamlined authentication experience across my services. ### implementation notes - selfhostblocks support - their OIDC SSO of [`authelia`](https://github.com/authelia/authelia) looks reasonable - provision SSO ~~like [`kanidm-provision`](https://github.com/oddlama/kanidm-provision)~~ (does not integrate with LDAP)? - c.f. #337, which provides for central user management behind such SSO - app-specific integrations: - nextcloud login: [`user_oidc`](https://github.com/nextcloud/user_oidc) - c.f. contract support (#605) application OIDC support (c.f. [apps-sheet](https://git.fediversity.eu/fediversity/apps-sheet/src/branch/main/apps.ods)): - mastodon: [✅](https://github.com/mastodon/mastodon/pull/16221) - pixelfed: [❌](https://github.com/pixelfed/ideas/issues/14) - peertube: [✅](https://www.npmjs.com/package/peertube-plugin-auth-openid-connect) - nextcloud: ✅ [1](https://apps.nextcloud.com/apps/oidc_login) [2](https://apps.nextcloud.com/apps/user_oidc)
kiara changed title from SSO for services to single sign-on (SSO) for services 2025-05-21 12:13:36 +02:00
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
main
ci/pixelfed
pixelfed-ci
No results found.
Labels
Clear labels   
0 points

fibonacci complexity: 0 points

  
0.5 points

fibonacci complexity: 0.5 points

  
1 point

fibonacci complexity: 1 point

  
13 points

fibonacci complexity: 13 points

  
2 points

fibonacci complexity: 2 points

  
21 points

fibonacci complexity: 21 points

  
3 points

fibonacci complexity: 3 points

  
34 points

fibonacci complexity: 34 points

  
5 points

fibonacci complexity: 5 points

  
55 points

fibonacci complexity: 55 points

  
8 points

fibonacci complexity: 8 points

  
api service

features that may relate more to a (to be created) API service

  
blocked

   
component: fediversity panel

   
component: nixops4

   
documentation

   
estimation high: >3d

   
estimation low: <2h

   
estimation mid: <8h

   
infinite points

fibonacci complexity: infinite points

  
productisation

features out-scoped with the decoupling of the productisation effort

  
project-management

Project management related tasks

  
question

   
role: application developer

   
role: application operator

   
role: hosting provider

   
role: maintainer

   
security

   
technical debt

   
testing

   
type unclear

   
type: bug

Anything that doesn't work as advertised

  
type: deliverable

   
type: key result

   
type: objective

   
type: task

   
type: user story

   
user experience
No labels
0 points
0.5 points
1 point
13 points
2 points
21 points
3 points
34 points
5 points
55 points
8 points
api service
blocked
component: fediversity panel
component: nixops4
documentation
estimation high: >3d
estimation low: <2h
estimation mid: <8h
infinite points
productisation
project-management
question
role: application developer
role: application operator
role: hosting provider
role: maintainer
security
technical debt
testing
type unclear
type: bug
type: deliverable
type: key result
type: objective
type: task
type: user story
user experience
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Blocks
#161 connecting an existing identity management service
fediversity/fediversity
#289 key features improving user experience supported
fediversity/fediversity
#337 operator can delegate user management
fediversity/fediversity
#613 User management
fediversity/fediversity
Depends on
#228 [D2.3] brought into production [2027-11-01]
fediversity/fediversity
Reference: fediversity/fediversity#212
No description provided.
Delete branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?