Hi folks,

I’m seeing there are multiple services which externalise the task of “identity provider” (e.g. login with Facebook, google or what not).

In my case, I am curious about Tailscale, a VPN service which allows one to chose an identity provider/SSO between Google, Microsoft, Github, Apple and OIDC.

How can I find out what data is actually communicates to the identity provider? Their task should simply be to decide whether I am who I claim to be, nothing more. But I’m guessing there may be some subtleties.

In the case of Tailscale, would the identity provider know where I’m trying to connect? Or more?

Answers and insights much appreciated! The topic does not seem to have much information online.

exu
link
fedilink
63M

You can self host your identity provider and use OIDC to connect Tailscale. I myself use Authentik, a more established alternative in enterprise is Keycloak

Can I ask how you set authentik up for tailscale? I tried that but got stuck with the webfinger step. I can’t wrap my head around that.

The Hobbyist
creator
link
fedilink
4
edit-2
3M

Do you use Authentik specifically with Tailscale? That’s interesting, indeed I would definitely want that. I was under the impression that it required something like headscale but it seems not to be the case. Thanks!

Edit: minor edit.

exu
link
fedilink
13M

I use Headscale, but I think I read somewhere that Tailscale allows custom OIDC providers now.

Create a post

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

  • Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
  • Don’t promote proprietary software
  • Try to keep things on topic
  • If you have a question, please try searching for previous discussions, maybe it has already been answered
  • Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
  • Be nice :)

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

  • 0 users online
  • 57 users / day
  • 383 users / week
  • 1.5K users / month
  • 5.7K users / 6 months
  • 1 subscriber
  • 3.01K Posts
  • 75K Comments
  • Modlog