[GH-ISSUE #279] Add additional SSO Options #4575

New issue

Open

opened 2026-03-01 15:34:22 +03:00 by kerem · 7 comments

kerem commented 2026-03-01 15:34:22 +03:00

Owner

Copy link

Originally created by @DenisKevljanin on GitHub (Feb 9, 2024).
Original GitHub issue: https://github.com/0xJacky/nginx-ui/issues/279

Currently only Casdoor is supported. A generic OIDC or LDAP provider would be great, so some flexibility is given.
You could also think about utilizing https://next-auth.js.org.

Originally created by @DenisKevljanin on GitHub (Feb 9, 2024). Original GitHub issue: https://github.com/0xJacky/nginx-ui/issues/279 Currently only Casdoor is supported. A generic OIDC or LDAP provider would be great, so some flexibility is given. You could also think about utilizing https://next-auth.js.org.

kerem added the

enhancement

label 2026-03-01 15:34:22 +03:00

kerem commented 2026-03-01 15:34:23 +03:00

Author

Owner

Copy link

@jearton commented on GitHub (Feb 19, 2024):

or think about utilizing Keycloak

<!-- gh-comment-id:1951844747 --> @jearton commented on GitHub (Feb 19, 2024): or think about utilizing Keycloak

kerem commented 2026-03-01 15:34:23 +03:00

Author

Owner

Copy link

@tranthibichhlieu commented on GitHub (Oct 18, 2024):

or zitadel

<!-- gh-comment-id:2421278681 --> @tranthibichhlieu commented on GitHub (Oct 18, 2024): or zitadel

kerem commented 2026-03-01 15:34:23 +03:00

Author

Owner

Copy link

@nomeguy commented on GitHub (Oct 18, 2024):

Currently only Casdoor is supported. A generic OIDC or LDAP provider would be great, so some flexibility is given. You could also think about utilizing https://next-auth.js.org.

Casdoor already supports OIDC and LDAP, and more like SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, RADIUS, etc. And it provides a better integrated solution. it's handling all the dirty work. You don't need to support native OIDC, and native LDAP. Next people will ask for native SAML, ask for CAS. Finally you found your project has become a Casdoor. So this is an endless game and why involved into this and got your hands dirty at the first time? If it's the case, maybe it's better to just create a new SSO open source project.

<!-- gh-comment-id:2422308263 --> @nomeguy commented on GitHub (Oct 18, 2024): > Currently only Casdoor is supported. A generic OIDC or LDAP provider would be great, so some flexibility is given. You could also think about utilizing https://next-auth.js.org. Casdoor already supports OIDC and LDAP, and more like SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, RADIUS, etc. And it provides a better integrated solution. it's handling all the dirty work. You don't need to support native OIDC, and native LDAP. Next people will ask for native SAML, ask for CAS. Finally you found your project has become a Casdoor. So this is an endless game and why involved into this and got your hands dirty at the first time? If it's the case, maybe it's better to just create a new SSO open source project.

kerem commented 2026-03-01 15:34:23 +03:00

Author

Owner

Copy link

@Hintay commented on GitHub (Nov 5, 2024):

Related issue: https://github.com/0xJacky/nginx-ui/issues/163

<!-- gh-comment-id:2457383089 --> @Hintay commented on GitHub (Nov 5, 2024): Related issue: https://github.com/0xJacky/nginx-ui/issues/163

kerem commented 2026-03-01 15:34:23 +03:00

Author

Owner

Copy link

@baltazartroisville commented on GitHub (Jul 22, 2025):

Currently only Casdoor is supported. A generic OIDC or LDAP provider would be great, so some flexibility is given. You could also think about utilizing https://next-auth.js.org.

Casdoor already supports OIDC and LDAP, and more like SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, RADIUS, etc. And it provides a better integrated solution. it's handling all the dirty work. You don't need to support native OIDC, and native LDAP. Next people will ask for native SAML, ask for CAS. Finally you found your project has become a Casdoor. So this is an endless game and why involved into this and got your hands dirty at the first time? If it's the case, maybe it's better to just create a new SSO open source project.

Makes no sense to me, vendor lock-in avoidance is never a bad thing. But having only Casdoor as an option is.
SAML, LDAP, etc. are mostly used for business solutions to keep compatibility with older software, OIDC is the future.

With a native OIDC implementation we could not only add Casdoor, but Authentik, Zitadel, Keycloak, Logto, etc.
Almost all Identity Solutions support native OIDC, and if someone needs all the other standards they can just as well set it up in Authentik, Keycloak, Casdoor etc. and most importantly: they can choose freely.

<!-- gh-comment-id:3101791357 --> @baltazartroisville commented on GitHub (Jul 22, 2025): > > Currently only Casdoor is supported. A generic OIDC or LDAP provider would be great, so some flexibility is given. You could also think about utilizing https://next-auth.js.org. > > Casdoor already supports OIDC and LDAP, and more like SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, RADIUS, etc. And it provides a better integrated solution. it's handling all the dirty work. You don't need to support native OIDC, and native LDAP. Next people will ask for native SAML, ask for CAS. Finally you found your project has become a Casdoor. So this is an endless game and why involved into this and got your hands dirty at the first time? If it's the case, maybe it's better to just create a new SSO open source project. Makes no sense to me, vendor lock-in avoidance is never a bad thing. But having only Casdoor as an option is. SAML, LDAP, etc. are mostly used for business solutions to keep compatibility with older software, OIDC is the future. With a native OIDC implementation we could not only add Casdoor, but Authentik, Zitadel, Keycloak, Logto, etc. Almost all Identity Solutions support native OIDC, and if someone needs all the other standards they can just as well set it up in Authentik, Keycloak, Casdoor etc. and most importantly: they can choose freely.

kerem commented 2026-03-01 15:34:23 +03:00

Author

Owner

Copy link

@Tom60chat commented on GitHub (Feb 16, 2026):

Implemented in #1488

<!-- gh-comment-id:3907911743 --> @Tom60chat commented on GitHub (Feb 16, 2026): Implemented in #1488

kerem commented 2026-03-01 15:34:23 +03:00

Author

Owner

Copy link

@Tom60chat commented on GitHub (Feb 23, 2026):

@0xJacky maybe close #279 as partially resolved?

The OIDC part of #279 is now implemented. For LDAP support, #163 already exists and covers that request in more detail.

<!-- gh-comment-id:3946362479 --> @Tom60chat commented on GitHub (Feb 23, 2026): @0xJacky maybe close #279 as partially resolved? The OIDC part of #279 is now implemented. For LDAP support, #163 already exists and covers that request in more detail.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

dev

weblate

main

renovate/uuid-14.x

renovate/typescript-6.x

renovate/all-minor-patch

cursor/interface-conversion-error-36ec

cursor/docker-api-stat-path-27ca

cursor/nginx-ui-disk-i-o-3d99

cursor/cloudflare-dns-comments-299c

cursor/access-log-dark-mode-font-dfdc

copilot/fix-ai-chat-title-error

cursor/propfind-method-logging-33b5

cursor/docker-client-version-update-d1b4

copilot/fix-nginx-ui-api-errors

cursor/update-x-forwarded-proto-header-handling-1223

cursor/fix-nginx-ui-issue-1455-gpt-5.1-codex-high-079c

cursor/update-nginx-ui-to-vue-3-gpt-5.1-codex-high-3100

cursor/investigate-nginx-ui-issue-1446-gpt-5.1-codex-high-2be0

v1

v2.3.8

v2.3.7

v2.3.6

v2.3.5

v2.3.4

v2.3.3

v2.3.2

v2.3.1

v2.3.0

v2.2.1

v2.2.0-patch.1

v2.2.0

v2.1.17

v2.1.16

v2.1.15

v2.1.14

v2.1.13

v2.1.12

v2.1.11

v2.1.10

v2.1.9

v2.1.8

v2.1.7

v2.1.6

v2.1.5

v2.1.4-patch.1

v2.1.4

v2.1.3

v2.1.2

v2.1.1

v2.1.0-patch.1

v2.1.0

v2.1.0-rc.3

v2.1.0-rc.2

v2.1.0-rc.1

v2.1.0-beta.1

v2.0.2

v2.0.1

v2.0.0

v2.0.0-rc.8-patch.1

v2.0.0-rc.8

v2.0.0-rc.7-patch.6

v2.0.0-rc.7-patch.7

v2.0.0-rc.7-patch.8

v2.0.0-rc.7-patch.5

v2.0.0-rc.7-patch.4

v2.0.0-rc.7-patch.3

v2.0.0-rc.7-patch.2

v2.0.0-rc.7-patch.1

v2.0.0-rc.7

v2.0.0-rc.6-patch.5

v2.0.0-rc.6-patch.4

v2.0.0-rc.6-patch.3

v2.0.0-rc.6-patch.2

v2.0.0-rc.6-patch.1

v2.0.0-rc.6

v2.0.0-rc.5

v2.0.0-rc.4-patch.3

v2.0.0-rc.4-patch.2

v2.0.0-rc.4-patch.1

v2.0.0-rc.4

v2.0.0-rc.3-patch.1

v2.0.0-rc.3

v2.0.0-rc.2

v2.0.0-rc.1-patch.2

v2.0.0-rc.1-patch.1

v2.0.0-rc.1

v2.0.0-beta.42

v2.0.0-beta.41

v2.0.0-beta.40

v2.0.0-beta.39-risefront.6

v2.0.0-beta.39-risefront.5

v2.0.0-beta.39-risefront.4

v2.0.0-beta.39-risefront.3

v2.0.0-beta.39-risefront.2

v2.0.0-beta.39-risefront

v2.0.0-beta.39

v2.0.0-beta.38

v2.0.0-beta.37-patch.5

v2.0.0-beta.37-patch.3

v2.0.0-beta.37-patch.4

v2.0.0-beta.37-patch.2

v2.0.0-beta.37-patch.1

v2.0.0-beta.37

v2.0.0-beta.36

v2.0.0-beta.35

v2.0.0-beta.34

v2.0.0-beta.33

v2.0.0-beta.32-patch.1

v2.0.0-beta.32

v2.0.0-beta.31

v2.0.0-beta.30

v2.0.0-beta.29

v2.0.0-beta.28

v2.0.0-beta.27

v2.0.0-beta.26

v2.0.0-beta.25-patch.2

v2.0.0-beta.25-patch.1

v2.0.0-beta.25

v2.0.0-beta.24

v2.0.0-beta.23-patch.2

v2.0.0-beta.23-patch.1

v2.0.0-beta.23

v2.0.0-beta.22

v2.0.0-beta.21

v2.0.0-beta.20

v2.0.0-beta.19

v2.0.0-beta.18-patch.2

v2.0.0-beta.18-patch.1

v2.0.0-beta.18

v2.0.0-beta.17

v2.0.0-beta.16

v2.0.0-beta.15

v2.0.0-beta.14

v2.0.0-beta.13-patch

v2.0.0-beta.13

v2.0.0-beta.12

v2.0.0-beta.11

v2.0.0-beta.10-patch

v2.0.0-beta.10

v2.0.0-beta.9

v2.0.0-beta.8-patch

v2.0.0-beta.8

v2.0.0-beta.7

v2.0.0-beta.6-patch.2

v2.0.0-beta.6-patch

v2.0.0-beta.6

v2.0.0-beta.5-patch

v2.0.0-beta.5

v2.0.0-beta.4-patch

v2.0.0-beta.4

v2.0.0-beta.3

v2.0.0-beta.2

v2.0.0-beta.1

v1.9.9-4

v1.9.9-3

v1.9.9-2

v1.9.9

v1.9.9-1

v1.8.4-patch

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.7.9

v1.7.8

v1.7.7

v1.7.6

v1.7.5

v1.7.4

v1.7.3

v1.7.2

v1.7.1

v1.7.0-patch

v1.7.0

v1.6.8

v1.6.7

v1.6.6

v1.6.5

v1.6.3

v1.6.2

v1.6.1

v1.6.0-fix

v1.6.0

v1.5.2

v1.5.1

v1.5.0

v1.5.0-beta9

v1.5.0-beta8

v1.5.0-beta7

v1.5.0-beta6

v1.5.0-beta5

v1.5.0-beta4-fix

v1.5.0-beta4

v1.5.0-beta3

v1.5.0-beta2

v1.5.0-beta1

v1.4.2

v1.4.1

v1.4.0

v1.4.0-rc1

v1.3.3-rc1

v1.3.2

v1.3.1-fix

v1.3.1

v1.3.0

v1.3.0-rc1

v1.2.2

v1.2.1

v1.2.0

v1.2.0-rc.3

v1.2.0-rc.2

v1.2.0-rc.1

v1.2.0-alpha.4

v1.2.0-alpha.3

v1.2.0-alpha.2

v1.1.0

Labels

Clear labels   

Q/A

  

bug

  

casdoor

  

dependencies

  

docker

  

documentation

  

duplicate

  

enhancement

  

help wanted

  

invalid

  

lego

  

platform:openwrt

  

platform:windows

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

wontfix

No labels

Q/A

bug

casdoor

dependencies

docker

documentation

duplicate

enhancement

help wanted

invalid

lego

platform:openwrt

platform:windows

pull-request

question

wontfix

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/nginx-ui#4575

No description provided.