What I want from SSO, in order from most to least importance:
- password-less via webauthn, not just 2FA. resident credentials (full passwordless) would be great
- lightweight
- no ties to emails, no password reset via email, etc
- not too complicated to set up
Authelia doesn’t have passwordless login, and it’s tied to email system. Authentik is too heavy, complicated and likely overkill for what I need - couple services behind caddy that I don’t want random internet people to access. I looked at Keycloak, same thing as Authentik.
Any suggestions?
I think that KanIDM can do this.