On weekend I managed to connect all my selfhosted services that support it to the #Keycloak#SSO (single sign on).
Namely #Mastodon#Peertube#NextCloud #FreshRSS#Matomo and #grafana

Why to bother with such complication for apps serving only a couple of users?
First it's quite easy nowadays.
And second, because I want to get rid of passwords and just use #passkeys .

This is one of many examples showing that good apps should just focus on one task and just use standards to cooperate with other apps focusing on other tasks.

Peertube for example focuses on videos, not user management. I am very OK that they don't support passkeys, because they implemented OpenId Connect standard to allow me use Keycloak for better login options.

On the other hand, I am quite sad that SSO is often the one feature, that is proprietary and reserved only for paying customers. SSO is not for huge corporations anymore. It's also usefull for us, selfhosters with couple of users.

❤️

Support for #keepassDX in progress 🌱 https://github.com/Kunzisoft/KeePassDX/issues/1421

Tant de bo tinguessin #Passkeys arreu, en tots els servidors, bancs, oficines virtuals de les administracions etc. No hi haurien robatoris de contrasenyes perquè no hi hauria cap per robar!

Les claus d’accés (#Passkeys) són una forma moderna i segura d’iniciar sessió sense necessitat de contrasenyes tradicionals. Funcionen amb autenticació biomètrica (digital o facial) i utilitzen criptografia de clau pública per verificar la teva identitat.

Com funcionen?
1. quan crees una passkey, el teu dispositiu genera un parell de claus:
- Clau privada (emmagatzemada de forma segura al teu dispositiu).
- Clau pública (enviada al servidor del lloc web o app).