dokploy icon indicating copy to clipboard operation
dokploy copied to clipboard
verified publisher icon Dokploy

Support use sso (like OIDC .etc) to login or signup Dokploy

Open Hoshino-Yumetsuki opened this issue 8 months ago • 1 comments

What problem will this feature address?

Permissions management and user management issues

Describe the solution you'd like

Support for SSO login and registration for Dokploy

Describe alternatives you've considered

Additional context

No response

Will you send a PR to implement it?

No

Hoshino-Yumetsuki avatar Apr 24 '25 02:04 Hoshino-Yumetsuki

This is actually not too difficult now that Dokploy has moved to better-auth - there's a dedicated plugin for it:

  • https://www.better-auth.com/docs/plugins/sso

nktnet1 avatar May 19 '25 07:05 nktnet1

Also would love to see this feature. Integrating with OIDC will make this an easy sell for my team. I think that's the only hold up.

I would be happy to start working on a PR for this once I have some free time.

BradHacker avatar Aug 15 '25 18:08 BradHacker

@BradHacker Have you started/finished working on this yet? I was working on this myself and then I found this issue so I want to confirm it before I start/keep working on a "duplicate" feature :)

P.S. I haven't got very far yet as I just started but I would still like to confirm if you already have it setup or not.

DevKoenv avatar Sep 18 '25 07:09 DevKoenv

@BradHacker Have you started/finished working on this yet? I was working on this myself and then I found this issue so I want to confirm it before I start/keep working on a "duplicate" feature :)

P.S. I haven't got very far yet as I just started but I would still like to confirm if you already have it setup or not.

No I haven't. Glad to see movement on this.

BradHacker avatar Sep 18 '25 14:09 BradHacker

Also interested in seeing this in Dokploy!

thewilloftheshadow avatar Sep 20 '25 14:09 thewilloftheshadow

+1

junkaiman avatar Sep 24 '25 06:09 junkaiman

Alright, small update for everyone. I've managed to have a working version of an OIDC provider that is stored in the database. I'm now just working on the UI for saving and enabling the providers.

Small note, I'm at a problem that I would probably need to restart the dokploy instance since i can't hot-reload the better-auth instance (at least I cannot find a way to do it).

Todo List

  • [x] Setup hardcoded OIDC/oAuth provider for testing
  • [x] Create a db schema for storing the providers
  • [x] Get the providers from the db instead of hardcoded
  • [x] Show buttons for each (enabled) provider that is stored in the db
  • [ ] Create a settings page for managing the providers
  • [ ] Update the providers in the better-auth config
    • Probably need to restart the entire dokploy service for this, if you have suggestions on how to do this please suggest those.
    • UPDATE: I just found out that i could have used the SSO plugin instead of the Generic OAuth plugin so... I guess I'll rework it seeing as this also has SAML support (I cannot test this since I do not own/have no idea on how to temporarily spin up a SAML provider) and can dynamically register a idp (await auth.api.registerSSOProvider({...})).
  • [ ] Clean up my messy and ugly code
  • [ ] Check if i have followed each convention (probably not)
  • [ ] Create pull request

DevKoenv avatar Sep 30 '25 20:09 DevKoenv

For all watchers, someone else has just opened a PR that adds an OIDC provider to Dokploy in #2776

DevKoenv avatar Oct 08 '25 07:10 DevKoenv