Comment by arjvik
4 hours ago
What's your (OSS?) OIDC server of choice?
Authelia? Authentik? Keycloak? (These are the three I see a lot about.) Something else?
4 hours ago
What's your (OSS?) OIDC server of choice?
Authelia? Authentik? Keycloak? (These are the three I see a lot about.) Something else?
Adding another +1 to Pocket ID. I looked at a couple of the ones you mentioned but they looked too heavy and complex for what I wanted. Pocket ID does one thing and does it well.
Pocket ID[1] is what I use, and I cannot recommend it enough. It's an incredible project.
[1] https://pocket-id.org
I've used Authelia for a few years and it's great. It does exactly what I need/want. Not more, not less. It's also never failed me.
For self hosting, PocketID is about as easy to set up and maintain as it gets.
Can recommend Kanidm
Kanidm made some weird decision that ruled it out in one of big organisation I try to deploy it. Separate Radius password. For telco that’s half its use cases, and there is separate random password. Whole Network engineering department was like WTF ? You can’t have single password which is one of important reasons to have SSOA.