What type of request is this?
Enhancement of an existing feature
Clear and concise description of the feature you are proposing
Hey!
Liking the project so far!
But i'm running into some issues regarding oidc.
I'm using OIDC via my Keycloak only and don't use application local auth anywhere.
This applies to sync-in as well.
But when you want to create an application password, or do some other things related to administration you'll get promted to insert a password.
But, as the password and authentication is manages via my external keycloak, there is no default password set.
I found a workaround, to reset credentials via the administration ui, but this would mean, i have to manually set passwords for each individual user, as they are also get provided via oidc, so they can create app passwords.
This does also apply, if the local password authentication is disabled via: enablePasswordAuth: false (which is default if using oidc)
Would be nice if theres a way to disable these double authentication requirements when using oidc, trigger a re-authentication on oidc using prompt=login, or on user creation make the user is able to setup a private application intern password for these cases, that is not bound to the actual login.
Validations
What type of request is this?
Enhancement of an existing feature
Clear and concise description of the feature you are proposing
Hey!
Liking the project so far!
But i'm running into some issues regarding oidc.
I'm using OIDC via my Keycloak only and don't use application local auth anywhere.
This applies to sync-in as well.
But when you want to create an application password, or do some other things related to administration you'll get promted to insert a password.
But, as the password and authentication is manages via my external keycloak, there is no default password set.
I found a workaround, to reset credentials via the administration ui, but this would mean, i have to manually set passwords for each individual user, as they are also get provided via oidc, so they can create app passwords.
This does also apply, if the local password authentication is disabled via: enablePasswordAuth: false (which is default if using oidc)
Would be nice if theres a way to disable these double authentication requirements when using oidc, trigger a re-authentication on oidc using prompt=login, or on user creation make the user is able to setup a private application intern password for these cases, that is not bound to the actual login.
Validations