starred/koel-koel
1
0
Fork 0
mirror of https://github.com/koel/koel.git synced 2026-04-26 09:15:59 +03:00
Code Issues 67 Projects Releases 10 Packages Wiki Activity

[GH-ISSUE #1814] [FR]: SSO Generic Provider #1004

New issue
Open
opened 2026-02-26 02:34:55 +03:00 by kerem · 5 comments
kerem commented 2026-02-26 02:34:55 +03:00
Owner
Copy link

Originally created by @robin9991 on GitHub (Aug 22, 2024).
Original GitHub issue: https://github.com/koel/koel/issues/1814

Originally assigned to: @phanan on GitHub.

Description

Hi,

I searched weeks till i came across here. Would it be hard to implement a generic sso provider (e.g. to use with Authentik)? As it should work simmilar to the Google Oauth. Further this seems "easier" and more secure than the Header Auth, also to implement.

Additional information

Would also be interested in testing this as this is the only thing lacking a proper deployment in my env.

Originally created by @robin9991 on GitHub (Aug 22, 2024). Original GitHub issue: https://github.com/koel/koel/issues/1814 Originally assigned to: @phanan on GitHub. ### Description Hi, I searched weeks till i came across here. Would it be hard to implement a generic sso provider (e.g. to use with Authentik)? As it should work simmilar to the Google Oauth. Further this seems "easier" and more secure than the Header Auth, also to implement. ### Additional information Would also be interested in testing this as this is the only thing lacking a proper deployment in my env.
kerem commented 2026-02-26 02:34:55 +03:00
Author
Owner
Copy link

@Heknon commented on GitHub (Aug 30, 2024):

We are also looking for either SSO or LDAP for user management/creation

<!-- gh-comment-id:2320596450 --> @Heknon commented on GitHub (Aug 30, 2024): We are also looking for either SSO or LDAP for user management/creation
kerem commented 2026-02-26 02:34:55 +03:00
Author
Owner
Copy link

@jojom4n commented on GitHub (Jun 12, 2025):

Any update on this feature? It's the only one thing preventing me from switching to Koel so far. I know I could use a forward auth proxy to my custom self-hosted OIDC provider and I actually use it for other daemons, but I could not use mobile app if I did so and should use common browser to browse my collection

<!-- gh-comment-id:2968243487 --> @jojom4n commented on GitHub (Jun 12, 2025): Any update on this feature? It's the only one thing preventing me from switching to Koel so far. I know I could use a forward auth proxy to my custom self-hosted OIDC provider and I actually use it for other daemons, but I could not use mobile app if I did so and should use common browser to browse my collection
kerem commented 2026-02-26 02:34:55 +03:00
Author
Owner
Copy link

@phanan commented on GitHub (Jun 13, 2025):

I'm willing to add this into Koel, but my knowledge is limited. If you folks could explain more (e.g., how it should work, how to set up a dev/test environment etc.) I'd much appreciate.

<!-- gh-comment-id:2970160102 --> @phanan commented on GitHub (Jun 13, 2025): I'm willing to add this into Koel, but my knowledge is limited. If you folks could explain more (e.g., how it should work, how to set up a dev/test environment etc.) I'd much appreciate.
kerem commented 2026-02-26 02:34:55 +03:00
Author
Owner
Copy link

@jojom4n commented on GitHub (Jun 19, 2025):

To be honest, I don't know how either, I suppose one could use an external library like Oauthlib, but I'm an hobbyist developer and never implemented something like that.

Alternatively, would you be able to implement an API key system, so that Koel gives user an API key to insert into the app to connect to own server without using username and/or password? This way, one could use a forward auth proxy like Tinyauth to have SSO, while being able to connect by mobile app through the API key.

<!-- gh-comment-id:2988665311 --> @jojom4n commented on GitHub (Jun 19, 2025): To be honest, I don't know how either, I suppose one could use an external library like Oauthlib, but I'm an hobbyist developer and never implemented something like that. Alternatively, would you be able to implement an API key system, so that Koel gives user an API key to insert into the app to connect to own server without using username and/or password? This way, one could use a forward auth proxy like Tinyauth to have SSO, while being able to connect by mobile app through the API key.
kerem commented 2026-02-26 02:34:55 +03:00
Author
Owner
Copy link

@Itrimel commented on GitHub (Nov 17, 2025):

I would also be interested to have the option to use my already configured SSO provider (Authelia) to be able to manage login to Koel : right now I'm using the proxy authentication, but this doesn't work really well with the mobile app.

I was interested to see a PR to implement Authelia as a provider (#2104), but I do agree with the comment that it makes more sense to implement a more generic solution to be able to fit into more workflows. There doesn't seem to be a generic option in the Laravel Socialite Providers, but I found this third-party repo https://github.com/Kovah/laravel-socialite-oidc implementing a generic OpenId provider : maybe this can be a good start/reference for doing this ?

<!-- gh-comment-id:3541420203 --> @Itrimel commented on GitHub (Nov 17, 2025): I would also be interested to have the option to use my already configured SSO provider (Authelia) to be able to manage login to Koel : right now I'm using the proxy authentication, but this doesn't work really well with the mobile app. I was interested to see a PR to implement Authelia as a provider (#2104), but I do agree with the comment that it makes more sense to implement a more generic solution to be able to fit into more workflows. There doesn't seem to be a generic option in the Laravel Socialite Providers, but I found this third-party repo [https://github.com/Kovah/laravel-socialite-oidc](https://github.com/Kovah/laravel-socialite-oidc) implementing a generic OpenId provider : maybe this can be a good start/reference for doing this ?
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
master
release
dependabot/composer/phpunit/phpunit-12.5.22
dependabot/npm_and_yarn/dompurify-3.4.0
dependabot/npm_and_yarn/vite-plus-0.1.17
dependabot/composer/phpseclib/phpseclib-3.0.51
1889-duplicate-upload-detection
test/home-screen-empty-to-content
fix/exclude-songless-albums-from-recently-added
refactor/laravel-prompts
fix/wma-cover-art-exception
fix/remove-redundant-seed-step
chore/upgrade-laravel-13
chore/upgrade-vue-3.5.29
test/phase-7-components
dbg-2142
demo-fix
debug-mysql
trusthosts
seek
fix-equalizer
sentry
invite-user
remove-v6-obsolete
fix/song-list
feat/paths-filter
fix/home
fix/footer
feat/progressive
php81
dev/public-playlists
cy
feat/l7
dependabot/composer/pusher/pusher-php-server-4.1.4
dependabot/composer/laravel/framework-5.8.38
dependabot/composer/jackiedo/dotenv-editor-1.1.1
renovate/pin-dependencies
actions
api-doc
feat/recently-played
fix-tests
fix-cover-page
upload
stylejs-196
compilation
vuex
android-notif
nojquery
demo
vue2
2.0
1.1
v9.1.2
latest
v9.1.1
v9.1.0
v9.0.0
v8.3.1
v8.3.0
v8.2.0
v8.1.0
v8.0.0
v7.15.1
v7.15.0
v7.14.0
v7.13.0
v7.12.0
v7.11.0
v7.10.4
v7.10.3
v7.10.2
v7.10.1
v7.10.0
v7.9.0
v7.8.1
v7.8.0
v7.7.1
v7.7.0
v7.6.3
v7.6.2
v7.6.1
v7.6.0
v7.5.2
v7.5.1
v7.5.0
v7.4.2
v7.4.1
v7.4.0
v7.3.1
v7.3.0
v7.2.2
v7.2.1
v7.2.0
v7.1.0
v7.0.12
v7.0.11
v7.0.10
v7.0.9
v7.0.8
v7.0.7
v7.0.6
v7.0.5
v7.0.4
v7.0.3
v7.0.2
v7.0.1
v7.0.0
v6.12.1
v6.12.0
v6.11.5
v6.11.4
v6.11.3
v6.11.2
v6.11.1
v6.11.0
v6.10.0
v6.9.0
v6.8.5
v6.8.4
v6.8.3
v6.8.2
v6.8.1
v6.8.0
v6.7.5
v6.7.4
v6.7.3
v6.7.2
v6.7.1
v6.7.0
v6.6.0
v6.5.3
v6.5.2
v6.5.1
v6.5.0
v6.4.3
v6.4.2
v6.4.1
v6.4.0
v6.3.0
v6.2.2
v6.2.1
v6.2.0
v6.1.0
v6.0.6
v6.0.5
v6.0.4
v6.0.3
v6.0.2
v6.0.1
v6.0.0
v0.0.0-beta
v5.1.14
v5.1.13
v5.1.12
v5.1.11
v5.1.10
v5.1.9
v5.1.8
v5.1.7
v5.1.6
v5.1.5
v5.1.4
v5.1.3
v5.1.2
v5.1.1
v5.1.0
v5.0.2
v5.0.1
v5.0.0
v4.4.0
v4.3.1
v4.3.0
v4.2.2
v4.2.1
v4.2.0
v4.1.1
v4.1.0
v4.0.0
v3.7.2
v3.7.1
v3.7.0
v3.6.2
v3.6.1
v3.6.0
v3.5.5
v3.5.4
v3.5.3
v3.5.2
v3.5.1
v3.5.0
v3.4.1
v3.4.0
v3.3.1
v3.3.0
v3.2.0
v3.1.1
v3.1.0
v3.0.1
v3.0.0
v2.2.1
v2.2.0
v2.1.0
v2.0.2
v2.0.1
v2.0.0
v1.1.2
v1.1.1
1.0.0-beta
Labels
Clear labels   
Authentication

   
Dependencies

   
Documentation

   
Feature Request

   
Flac

   
Help Wanted

   
Installation/Setup

   
Integration

   
Mobile

   
PR Welcome

   
Pending Release

   
Performance

   
Playlist

   
S3

   
Search

   
Sync

   
[Pri] Low

   
[Pri] Normal

   
[Status] Keep Open

   
[Status] Needs Author Reply

   
[Status] Needs Review

   
[Status] Stale

   
[Status] Will Implement

   
[Type] Blessed

   
[Type] Bug

   
[Type] Duplicate

   
[Type] Enhancement

   
[Type] Help Request

   
[Type] Question

   
[Type] Task

   
pull-request

Mirrored from GitHub Pull Request

No labels
Authentication
Dependencies
Documentation
Feature Request
Flac
Help Wanted
Installation/Setup
Integration
Mobile
PR Welcome
Pending Release
Performance
Playlist
S3
Search
Sync
[Pri] Low
[Pri] Normal
[Status] Keep Open
[Status] Needs Author Reply
[Status] Needs Review
[Status] Stale
[Status] Will Implement
[Type] Blessed
[Type] Bug
[Type] Duplicate
[Type] Enhancement
[Type] Help Request
[Type] Question
[Type] Task
pull-request
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/koel-koel#1004
No description provided.