External auth/OIDC #3163
Comments
|
Even bigger orgs need OIDC. |
|
I agree. LDAP integration would be awesome! 👍🏻 |
|
Also interested in this feature. |
|
I think it's also worth noting that with the rise of self-hosted SSO solutions (Authentik, Zitadel, Keycloak, Authelia, Pocket ID, etc.), this is a feature that was rather niche a few years ago, but is now of increasing importance in the self-hosting space. |
|
My org uses Okta SSO for all of its applications, and SSO is an expectation, particularly for anything data sensitive like a site analytics app, we can't have people leave the business and accidentally leave their logins in place in an app like this |
|
SSO is literally Single Sign on. You don't want people to memorize different logins for different apps used in an Org. With SSO, they can login using their email or LDAP accounts to all the apps. This is a must feature. |
Describe the feature or enhancement
Hi!
I'm interested in tying in Umami to a collection of apps I'm self-hosting, but Umami rolling its own authentication model that can't be side-stepped make it a much larger hassle than (without exception) every other service I'm currently running, which all either support OIDC/LDAP intergration or (in more simple cases) can have have auth disabled and insert an auth check in the reverse proxy.
I see this has come up before #1112, but since that issue has been closed as stale it seems like a new issue might be warranted. With a separate authentication service (including roles like admin) has already been set up, it's a pity when that can't be reused, duplicate accounts need to be created, and there's no longer one single place to manage who has access to what resources.
The text was updated successfully, but these errors were encountered: