zrok Controller Alternative Login Options #699

icsy7867 · 2024-07-15T17:45:50Z

It would be awesome to have some other authentication options for the ZROK Controller login webpage.

I checked the docs and did not really see anything, but some low hanging (possible) fruit:

Email only magic link. No passwords! This would actually work in a lot of my use cases. It would be pretty secure in our environment and I wouldn't have to create and distribute passwords to anyone (When I know they arent going to remember it anyways!)
HTTP Header auth - A lot of tools (caddy-security, 0Auth, Authelia, Apache Mellon, etc...) can set special header values when authentication is successful. In Caddy-Security's option, when using OIDC it uses X-Token-User-Email. The login should check for this value, and assign the user based on this value. If the user does not exist, go ahead and create the user.
Of course, LDAP, OIDC, SAML, etc.... but those would probably require more intense changes to the code.

michaelquigley added the enhancement Enhancement of an existing feature label Jul 17, 2024

michaelquigley added this to zrok Development Roadmap Jul 17, 2024

michaelquigley moved this to Backlog in zrok Development Roadmap Jul 17, 2024

michaelquigley added this to the v0.5 milestone Jul 17, 2024

michaelquigley self-assigned this Jul 17, 2024

michaelquigley changed the title ~~Zrok Controller login options~~ zrok Controller login options Jul 23, 2024

michaelquigley changed the title ~~zrok Controller login options~~ zrok Controller Alternative Login Options Jul 23, 2024

michaelquigley added the epic Top-level marquee features label Aug 6, 2024

michaelquigley modified the milestones: v1.0, v1.1 Oct 9, 2024

Provide feedback