Standards-based Authentication using OpenID Connect

Created by: agropper

On today's hacker call we discussed single-sign-on (SSO) authentication and authorization standards from the FreedomBox perspective. Standards-based SSO would improve usability for many FreedomBox apps. It could also be a showcase and a driver for more decentralized and privacy-preserving approaches to SSO than the typical "social login" model. For example, it was suggested that an OpenID Connect server could leverage and help promote Monkeysphere. For another example, integration of OAuth2 and OpenID Connect capability into Plinth would make it much easier for projects like HIE of One to introduce person-centered standards-based authorization to access RESTfull personal information APIs.

We could start by adding OpenID Connect client capability to Plinth that would streamline registration and authentication of guests with standards-based identity provider accounts.