Hi folks! Today I have asked myself if I could login with one (no, not google or apple or micosoft) account in all the (30 I think) forums that I have to use as a FOSS admin. Nextcloud Forum, Ubuntu Forum, Mint forum, Makemkv Forum, Papermc Forum, linux.org, etc.

We obviously are on a forum-like social platform but we cant make people use this as their forum I suppose. Ideally, I'd like to federate "all forums" so to speak but that would probably take a shit ton of work. https://socialhub.activitypub.rocks/t/does-this-forum-use-activitypub/2545/2

If not federate the content, maybe federate the logins. So that the profiles federate from one place to the next and you can login anywhere without having 30 different passwords for one "service" (forum in this case).

The next step down would be a foss SSO solution. There seem to be some but I hardly see any pages mention them possibility at all. https://sennovate.com/best-open-source-single-sign-on-solutions/

Am I missing something or is this still in the distant future?

Thanks for reading. Have a good one.

you are viewing a single comment's thread
view the rest of the comments

[–] davidgro@lemmy.world 6 points 2 years ago (1 children)

I think one issue is that it might be hard to keep a malicious server owner from sniffing or phishing your creds. I guess the big commercial SSO systems depend on companies being large enough to afford it, as a filter for fly-by-night operations.

[–] Zak@lemmy.world 6 points 2 years ago (1 children)

It's really easy because the site you're logging into never gets creds. It gets a cryptographic signature it can check against a public key.

[–] davidgro@lemmy.world 5 points 2 years ago

That's true if the form the user sees is actually the one they expect to see from their SSO origin server