Can OIDC be considered to become an open source (not exclusively enterprise) feature in the future?

[queglay]

I've just come across this project and I'd like to consider it for another OSS IAC project I am working on.

Feature Request

I'd love to explore using Teleport with Hashicorp Vault OSS, but without Open ID available in the open source variant, its not an option for me.

Motivation

Combining Teleport with Hashicorp Vault for other open source IAC projects would be a wonderful thing!

Who's it for?

OSS User

Thanks if you can consider this at some point in the future.

[benarent]

Hi @queglay, Thank you for getting in touch. For OSS users we've a few options, we currently provide Github as an SSO provider https://gravitational.com/resources/guides/github-sso-provider-kubernetes-ssh/ . You can also create local users that'll enforce 2FA using hardware or app tokens.

Thank you for checking out Teleport and I hope this can work for you.

[TheAnachronism]

I agree that OIDC should also be available in the open-source version.
SSO is essentials for cloud tools today, and limiting your users to either none or just one provider can often be a reason people turn away from your product.
This movement goes so far, that there's even a wall of shame for companies which consider SSO as only enterprise level. There are multiple rants online that go about the issue with SSO restricted to enterprise one example

I really do hope, that SSO can be made open source for teleport and other products that have similar licensing.

[wizpresso-steve-cy-fan]

robchahin/sso-wall-of-shame#204

robchahin/sso-wall-of-shame#295

Too bad, the list is not updated for a long time.

[dounoit]

yeah - this is a total show stopper - for more context - im using authentik for sso- its very unfortunate. please reconsider :-)

[Smartich0ke]

I would also love for this to be available in the community edition. Security is a basic necessity, not something you lock away behind paywalls.