Page 1 of 1

OIDC / OAuth2 support

Posted: Wed Apr 15, 2020 1:31 pm
by garbinc
Sonarr and Radarr is more often then not, without any authentication.
This can be dangerous when you publish CNAME records (not on cloudflare proxied).

If we want to support any sort of authentication we have to hardcode our user/pass in the browser URL which over http is also very insecure.

With keycloak the app would be able to authenticate against the proxy and redirect you to the proper url with api credentials.
These would have to be setup on the keycloak server.

client
client_secret -> automatically generated by keycloak

What do you think?

Re: OIDC / OAuth2 support

Posted: Fri Apr 17, 2020 8:04 pm
by f3bruary
If you care that much about security, why not close the ports and deploy an OpenVPN or WireGuard server ?

Re: OIDC / OAuth2 support

Posted: Mon Apr 27, 2020 11:33 pm
by garbinc
f3bruary wrote:
Fri Apr 17, 2020 8:04 pm
If you care that much about security, why not close the ports and deploy an OpenVPN or WireGuard server ?
This is doable i guess