SSO Alternative login options

[madeofpendletonwool]

I would like to implement an option for users to login with external accounts and not rely directly on Pinepods to manage their accounts. Supporting open source options for external account management should be a priority as well

• External SSO Options in Settings (yes more than one)
• Database Adjustments to allow for external options
• Github Login
• Google Login
• Open Source External Login Equivalent
• Ability to Add SSO Options
• Ability to Remove SSO Options
• Settings Component for SSO Setup
• Automatic and Graceful User Setup
• Ability to setup SSO Settings using optional docker variables from the start
• Customization of SSO Buttons

[UncleArya]

This would be a GREAT feature! I had been using Authentik for all my server SSO but this week I have been moving everything over to Pocket ID and really loving how dead simple it is. I believe most of the self hosted SSO services use OIDC.

[madeofpendletonwool]

Thanks for the @UncleArya! Saves me from needing to looking around for the open source OIDC provider that I'll recommend to users. Actively maintained, looks great, written in golang, uses a well-defined standard, it checks all the boxes. I'll implement support for generic OIDC and in Pinepods recommend Pocket ID.

I'll also spin it up myself and use it for testing as I implement OIDC support for Pinepods

[madeofpendletonwool]

I've landed on just implementing OIDC for SSO. Using Pocket ID it currently works great. I suspect most other OIDC self-hosted apps probably already do as well but haven't tested them. Authentik, Authelia etc. but haven't tested those yet. Github and Google implement specific scopes and work slightly different, so working on those yet.