Configurable OpenID provider/authentication methods #904
Comments
|
@ernestask would be Okta an option for you? |
|
Well, for the Fedora instance, we want to keep things as is, but this is more to help internal deployments, where it doesn’t make sense to do so. It’s just to allow using something else, not to switch to a specific product. |
|
@ernestask yes, that is what I meant. Supporting multiple OpenID providers |
|
Even something as basic as local users would be an improvement to avoid FAS OpenID. |
|
OpenID is not widely used anymore nowadays, It would probably make sense to support OpenID-Connect (OIDC), which is basically OAuth2, just more standardized and tailored towards login instead of accessing APIs like OAuth2 itself. |
|
This is merely an implementation detail. We don’t even have the necessary abstractions to talk about that right now. |
We currently don’t allow anything other than Fedora to provide authentication for us:
faf/src/webfaf/login.py
Line 18 in c7112a0
It would be good to at least be able to configure this. Bonus points for alternative methods.
The text was updated successfully, but these errors were encountered: