Authentik is an open-source identity provider you can host yourself.
It lets you use a single login across your self-hosted services, with support for OAuth2, OIDC, SAML, LDAP, and more.
Useful for managing access to apps like Jellyfin, Immich, Nextcloud, Vaultwarden, and other self-hosted tools.
GitHub: https://github.com/goauthentik/authentik
More details: https://digitalescapetools.com/tools/tool.html?id=authentik
More privacy-friendly tools: https://digitalescapetools.com/


You can run authentik as an LDAP server and then federate a seperate server that supports RADIUS eap-tls as federated to that. So if you are willing to run an additional software that connects to LDAP, you can make it do basically anything.
Yup. And I was doing that with FreeRadius on the side. I was pretty okay with that being licensed locked. I also had sssd setup for my desktop logins but found it to be slow at times to perform logins. The Kanidm-unix agent is incredibly fast and responsive while also being five lines in a config file.
Again, I think Authentik is fantastic and will still recommend it to people. My move was probably more motivated by my need to tinker and learn more so than my other reasons.
‘Software’ isn’t a countable, and doesn’t attract an article like ‘an’.