@zash Many of my services are connected to my sso service. It would be fine if my xmpp server also used the same sso. Benefits are clear: single credential portal for accesing many services, better security, support for passwordless login...
I see. This seems to be what everyone expects. However it is backwards, it lets you use the XMPP server as an IdP for signing into XMPP without the client application seeing passwords.
There is however overlap with the SSO against an existing IdP use case and that is also possible, with different configuration, if with more friction due to how existing OAuth2 things tend require that application developers register their application ahead of time.
@zash Oh. I see it now. What a disappointment. The other way is much more needed in my opinion. We already have good and open IdP services, there is no need for another one. Let's just focus on messaging, use these existing IdP instead of inventing new wheel. ☹️
Zash
in reply to Štěpán Škorpil • • •Štěpán Škorpil
in reply to Zash • • •Zash
in reply to Štěpán Škorpil • • •I see. This seems to be what everyone expects. However it is backwards, it lets you use the XMPP server as an IdP for signing into XMPP without the client application seeing passwords.
There is however overlap with the SSO against an existing IdP use case and that is also possible, with different configuration, if with more friction due to how existing OAuth2 things tend require that application developers register their application ahead of time.
Štěpán Škorpil
in reply to Zash • • •The other way is much more needed in my opinion. We already have good and open IdP services, there is no need for another one. Let's just focus on messaging, use these existing IdP instead of inventing new wheel. ☹️