Mastodawn

This week I am getting intense amount #Identity knowledge from my amazing teammates in #SUNET. So many things are becoming clearer!!! #Sweden #SAML #OIDC

DefectiveWings ✈️

2d ago

#Nagios and #Bookstall are finally sitting behind #Authelia!

#sysadmin #oidc

IAMDevBox 5d ago

Dive into the OpenID Connect authentication flow with clear visuals and examples. Perfect for developers looking to secure their applications.

https://iamdevbox.com/posts/oidc-authentication-flow-a-visual-guide-with-examples/?utm_source=mastodon&utm_medium=social&utm_campaign=blog_post

#oidc #authentication #flow #iamdevbox

Štěpán Škorpil Jun 17

I just discovered, #Vaultwarden got single sign on support over #OIDC. I have to set it up soon.
https://github.com/dani-garcia/vaultwarden/wiki/Enabling-SSO-support-using-OpenId-Connect

Enabling SSO support using OpenId Connect

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs - dani-garcia/vaultwarden

GitHub

Show thread

Super Owl Jun 16

I've managed to get #Forgejo integrated with #Authelia. I'm now trying to integrate #Kanboard with Authelia as well. Authelia continues to seem pretty decent, in that the error messages are more helpful. Debugging is easier, and I guarantee plenty of troubleshooting awaits those wanting to follow a similar path. It seems that #OIDC integration is still a new-fangled thing to many #OpenSource projects, and it's sort of treated in this second-class-citizen way. Like with Kanboard, OIDC functionality is in a plugin; isn't integrated with stock Kanboard. And even enabling the use of plugins whatsoever is *itself* a second-class feature in Kanboard. #infosec #DataSovereignty

Analyst207 Jun 15

SimpleHelp vulnerability exposes servers to rogue remote support accounts

A critical vulnerability in SimpleHelp, known as CVE-2026-48558, lets hackers create rogue remote support accounts and gain privileged access to servers, allowing them to execute scripts and wreak havoc on your system. This gaping security hole enables unauthenticated attackers to bypass multi-factor authentication and log in as a…

https://osintsights.com/simplehelp-vulnerability-exposes-servers-to-rogue-remote-support-accounts?utm_source=mastodon&utm_medium=social

#Cve202648558 #OpenidConnect #Oidc #MfaBypass #Vulnerability

SimpleHelp vulnerability exposes servers to rogue remote support accounts

Learn how CVE-2026-48558 exposes SimpleHelp servers to rogue remote support accounts and take immediate action to secure your servers now with expert guidance.

OSINTSights

viq Jun 14

#Jellyfin #SSO plugin https://github.com/9p4/jellyfin-plugin-sso has been archived ("I'm tired of working on this after all the years", which, fair).
But it looks like it was forked into https://github.com/eddymoulton/jellyfin-plugin-oidc and development contiues, limiting itself to #OIDC but without #SAML
Nice!

#SelfHost #SelfHosting #HomeLab

GitHub - 9p4/jellyfin-plugin-sso: This plugin allows users to sign in through an SSO provider (such as Google, Microsoft, or your own provider). This enables one-click signin.

This plugin allows users to sign in through an SSO provider (such as Google, Microsoft, or your own provider). This enables one-click signin. - 9p4/jellyfin-plugin-sso

GitHub

bertrand 🏃 👨‍💻 🎸Jun 13

Packing 🧳
#oidc #rbac

Michael Jun 9

I've installed Pocked ID recently and switched many of my self hosted services over to it, and I absolutely love it! It's pretty, it's fast, it works really well!

Pocket ID is an Open ID provider that you can use for self hosted Single Sign On.

https://pocket-id.org

I just wish more services supported it!

#PocketID #SSO #SelfHosting #OpenID #OIDC