Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Feature request] OIDC login #434

Open
MitPitt opened this issue Mar 12, 2024 · 7 comments · May be fixed by #617
Open

[Feature request] OIDC login #434

MitPitt opened this issue Mar 12, 2024 · 7 comments · May be fixed by #617
Assignees
@boris-w
Labels
feature roadmap This looks great. We want to make it happen.

Comments

@MitPitt
Copy link

MitPitt commented Mar 12, 2024

Currently only email+password login is available. OIDC will allow teable to have alternatives like Google login, self-hosted OIDC servers, and many others. It is crucial for me to have this alternative for my use case.
@boris-w
Copy link
Contributor

boris-w commented Mar 13, 2024

Currently only email+password login is available. OIDC will allow teable to have alternatives like Google login, self-hosted OIDC servers, and many others. It is crucial for me to have this alternative for my use case.

Hey, I feel like I might understand what you're saying. Is this what you want? #432

@MitPitt
Copy link
Author

MitPitt commented Mar 13, 2024

Yes. Except there are too many possibilities besides Google and Github. So it would be good to have a generalized setting for any OIDC server. Personally I use Authentik.

I want to be able to specify a generic OIDC config, client id, and secret. Here are examples of how other projects did it:

  1. https://docs.getoutline.com/s/hosting/doc/oidc-8CPBm6uC0I
  2. https://immich.app/docs/administration/oauth

I have seen other projects use this to support custom OIDC providers:

@boris-w
Copy link
Contributor

boris-w commented Mar 13, 2024

Yes. Except there are too many possibilities besides Google and Github. So it would be good to have a generalized setting for any OIDC server. Personally I use Authentik.

I want to be able to specify a generic OIDC config, client id, and secret. Here are examples of how other projects did it:

  1. https://docs.getoutline.com/s/hosting/doc/oidc-8CPBm6uC0I
  2. https://immich.app/docs/administration/oauth

I have seen other projects use this to support custom OIDC providers:

That sounds like a great idea! I appreciate your input and sharing those examples. I agree that having a generalized setting for any OIDC server would be very beneficial. I want to make it happen.

@boris-w boris-w self-assigned this Mar 13, 2024
@boris-w boris-w added feature roadmap This looks great. We want to make it happen. labels Mar 13, 2024
@mz0in
Copy link

mz0in commented Mar 13, 2024
edited
Loading

hi @boris-w that's greet , but OIDC alone is not enough I think , since the application can be used in local hosting or in internal application etc .. , a more control is needed on user registration , creation , such as giving the admin or group of admin the option to create user roles and permissions , and the option to create / upload or import a list of users and roles / permissions , for a example a super admin can have all options , custom admin can have the option to add new users but ca not modify or delete a role or user and vise versa etc .. it's partly implemented in the Api , but it need to be more related to users and Authentications etc ..

@boris-w
Copy link
Contributor

boris-w commented Mar 13, 2024

hi @boris-w that's greet , but OIDC alone is not enough I think , since the application can be used in local hosting or in internal application etc .. , a more control is needed on user registration , creation , such as giving the admin or group of admin the option to create user roles and permissions , and the option to create / upload or import a list of users and roles / permissions , for a example a super admin can have all options , custom admin can have the option to add new users but ca not modify or delete a role or user and vise versa etc .. it's partly implemented in the Api , but it need to be more related to users and Authentications etc ..

Absolutely, I completely agree with you. Enhancing user registration and management capabilities, including user roles, permissions, and authentication controls, is definitely on our radar. We're actively working on plans to address these aspects and incorporate them into our platform. Your input is greatly appreciated, and we're committed to improving the user experience in this regard. Thank you for sharing your thoughts!

@mz0in
Copy link

mz0in commented Mar 13, 2024

@boris-w Happy to hear that, the team is already done a Great work , Also managing database connections with many Postgres instances or database would be super

@Node815
Copy link

Node815 commented May 5, 2024

I came here to ask for this as well. I also use Authentik, but with a generalized OIDC integration, this would completely enhance the user experience. I run this locally for now, but want to also disable user registration as an option. My goal is for myself and my wife to use it to record certain aspects of our health, such as pain logs, sleep logs and more. I also use it for different data sets I have. For her to use this, it would be easier to just sign in automagically (OIDC) on our domain rather than fuss with a UN/PW combo. :)

@boris-w boris-w linked a pull request May 22, 2024 that will close this issue
feat: support OIDC #617
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@boris-w boris-w

Labels
feature roadmap This looks great. We want to make it happen.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: support OIDC teableio/teable
4 participants
@mz0in @MitPitt @Node815 @boris-w