Hacker Timesnew | past | comments | ask | show | jobs | submitlogin

Indeed. It is slightly misleading at first glance. But the author has stated that it is incomplete. ZITADEL(https://zitadel.com/), for example, pretty much checks almost all the boxes.


Which not? Thank you!


ZITADEL doesn't support anonymous clients. Honestly, it's not the best practice anyway.

As for Forward Auth, the concept can be a bit fuzzy, and from what I gather, ZITADEL doesn't really support that.

Trusted Header Auth might work in some scenarios, but that definition is also a bit fuzzy, so hard to say for sure.


> ZITADEL doesn't support anonymous clients. Honestly, it's not the best practice anyway.

How would you accomplish the same thing using best practices? The closest is dynamic client registration without requiring an initial access token, but that still requires clients to support the protocol, and I know at least the Jellyfin and Discourse OIDC plugins do not. And even if they did what do you gain over anonymous auth?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: