I have a bunch of personal projects that I’m working on. They all need some for sort of authentication. I think it’d be easier to have a dedicated service to manage tokens instead of implementing it again and again for each service.
Amazon, Google and Microsoft provide something like that, but I’m looking for a self-hosted solution. Any suggestions?
Authentik has been fantastic.
Extremely flexible, and customizable. You can tailor the entire workflow.
Also, supports radius, ldap, and a few others. They keep adding new features every month.
I use keycloak for my gateway, if it doesn’t have any sort of 2FA I put oauthproxy infrint of it
Awesome, thanks!
If you use gitea, it’s just a few steps to enable it to be an OAuth2 provider. See Oauth2 Provider Docs
I started using Authentik lately and am really enjoying the passwordless life. You can set it up such that the authentication flow uses the WebAuthN standard and just prompt the user for passkey or biometric login. Super slick.
You need to reimplement TOTP on a per-service base. There are hardware tokens available, so you could use one of them (Token2, maybe?) instead on user side. You still need to allow custom secrets for your services so you can enter the token ID there. Are you sure you meant a (TOTP) token and not single sign-on?