Erik1000
commented
2 years ago Maybe this would even allow for deeper integration into existing authentication systems like LDAP or SSO
Open Erik1000 opened 2 years ago
Erik1000
commented
2 years ago Maybe this would even allow for deeper integration into existing authentication systems like LDAP or SSO
It is preferable to use an oauth2/openid connect system which can handle all kinds of things for authentication.
One problem is that we currently only send the secret key material after an successful authentication. If we use oauth2, we probably have to make the secret key material accessible with a query all the time with the authentication token.
If we touch our authentication system again, we will address this.