Writing tagged "sso"
SSO for Frigate with Keycloak
A growing fleet of services makes it more messy to have separate credentials for each of them. I’ve been tinkering with single sign on (SSO) with the goal to have one account per person for all the services in my home network. Not just HTTP, but other protocols as well, but I haven’t gotten to the latter part yet.
Fortunately, many popular pieces of software come with SSO support out of the box, typically OpenID Connect (OIDC) via OAuth2 rather than the more enterprise-y SAML. Grafana has built-in OIDC support, there are multiple OIDC addons for Home Assistant, and Miniflux, Open WebUI, and Paperless-NGX just work.
Synology DSM was a huge pain, because it provides no feedback as to why the current configuration isn’t working - just “talk to your administrator”. My brother in christ - I am the administrator.
Frigate proved to be challenging in a slightly different way.
As a bonus, I’m running my own private key infrastructure, so all the parts talking to each other need cooperate with certificates signed by my own certificate authority.