🌻ServicesSingle-Sign-On
Cyberia Single Sign-On
This is a stub.
This is a placeholder for a single sign-on system to be selected and built for cyberia. It does not yet exist.
Rough Criteria:
-
OpenID Connect with .well-known/openid-configuration
-
WebAuthN Passkey support
Unstructured Thoughts:
-
Forgejo is able to act as an identity provider
-
SSH key management would be excellent. Maybe an agent too.
Candidates
rauthy
-
Forest suggested
Forgejo
-
Already deployed and maintained
-
Limited oidc grant-type support
-
"At the moment, Forgejo only supports the Authorization Code Grant standard"
Duende IdentityServer
-
C# Server
-
kbot has experience building custom identity servers using duende.
-
Fully customizable in code. We can customize for any out-of-band cases.
-
Proprietary, but free license <$1M revenue.
OpenIddict
-
C# Server
-
Apache 2.0 license
-
Most or even all the features of duende
-
Somewhat streamlined C# sdk