Future of Web Single Sign On in KDE

Carl Schwan carl at carlschwan.eu
Mon Jul 18 20:40:48 BST 2022


on mobile so sorry for top posting

fund.krita.org is using just plain oauth2 so it should be fine. Adding more auth options should also not be too hard for fund.krita.org and probably a good idea in any cases.

What I wonder though, is how you plan to do the migration. identity uses the old username has unique identifier, something we want to move away (main reasons is that people change names for various reasons). my.kde.org uses a uuid instead and that makes it more future proof. It is possible to use the uuid from my.kde.org in gitlab? I remember some big trouble with the migration (and some nasty emails) and it would be good to avoid that again.

Also did you consider using keycloak/freeIPA? These are very solid system that provides oauth2, openid connect, saml and ldap. unfortunately like we learned with mykde, oauth2 only is not really ideal, and openid connect, saml and ldap are way more standardized.

Cheers,
Carl

-------- Original Message --------
On Jul 18, 2022, 20:53, Ben Cooksley wrote:

> On Tue, Jul 19, 2022 at 2:40 AM Halla Rempt <boud at valdyas.org> wrote:
>
>> On zondag 17 juli 2022 11:54:27 CEST Ben Cooksley wrote:
>>
>>> I'd therefore like to move away from both Identity and MyKDE to Gitlab.
>>
>> What will that mean for fund.krita.org? That currently uses mykde, and that already is a problem for quite a few people to figure out how to create an account and login.
>
> The Krita Fund will need to be sorted out separately, as the Blender Fund app from which it is sourced is fairly tightly coupled with Blender ID (which is where MyKDE came from).
> There is also the slight issue of it's dependence on Braintree.
>
> As Ingo points out though, for user focused sites allowing a variety of login providers is likely the best path forward.
>
>> Halla
>
> Cheers,
> Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.kde.org/pipermail/kde-community/attachments/20220718/56ef4f36/attachment.htm>


More information about the kde-community mailing list