Just a suggestion, but shouldn’t this just be labeled a generic OAuth provider? Since if it works for Authentik it should also work for most the other selfhosted providers like (Keycloak, Authelia, Kanidm…).

Just a suggestion, but shouldn’t this just be labeled a generic OAuth provider? Since if it works for Authentik it should also work for most the other selfhosted providers like (Keycloak, Authelia, Kanidm…).

Thank you for the suggestion! You’re right in suggesting a more generalized OAuth approach. However, the reason for labeling this integration specifically as "Authentik" is that it required installing and configuring a specific provider to make it work seamlessly.

An interesting alternative would be to configure the integration using SAML instead of a specific OAuth provider. This approach could provide a more generalized authentication flow and allow users to configure any compatible Identity Provider.

What do you think about this?

I don’t know a lot about SAML, as far as I am aware it’s more the legacy option used in big enterprises. But OpenID Connect is just as generic as SAML and I integrated a generic flow at my company that works for all kinds of providers including Authentik, Keycloak, Google, Okta, Auth0… basically every OpenID provider, so I am not really sure what you mean.

I would also +1 for the more generic OpenID Connect

I really want this feature too.. I wish this feature will be merged ASAP.

I would also +1 for the more generic OpenID Connect

I think it's difficult related to socialite library. there is no generic provider.

@danilomartinelli you are my hero <3 I need this for keycloak but i see that few custom nginx rewrites should make keycloak work under authentik provider.

Thanks for the PR. This is not completely working yet. I will add a few fixes and then merge it.