Open andrewkrug opened 5 years ago
We have been talking about on turning Cerberus into a Gradle multi-project setup where different modules could be enabled / disabled via configuration. Very similar to how Kayenta is set up.
After we do this, we are thinking about scrapping the current user auth flow and creating a new one that is specific to OKTA (maybe it can be generic) and using the oath flow. This would establish a pattern for others wanting to make a module for XXXXX identity provider, and allow use to scrap our custom MFA stuff which doesn't work that well.
@fieldju I would of course advocate for a web standard. Okta and Auth0 both support great OIDC flows. I'd be happy to advise on how we've decoupled this in a couple of our other apps as well using an auth proxy.
It would be great to support standards compliant OIDC for integration as an alternative to the direct integration with the Okta API. This would open the door for Cerberus to integrate with a variety of auth providers (including Okta).