Combining Keycloak, LDAP, and Nextcloud (With Discord SSO!)
For most of the past couple months my energies at Eyebeam have been focused on helping move Undersco.re to a more scalable user management and authentication model. Previously, we'd just been using Keycloak with a Discord identity provider. This provided a relatively seamless single sign-on experience, but had a number of drawbacks, most importantly:
- Running through the Discord IDP, without being able to synchronize with guilds, meant all users had to be a member of Underscore's Discord to use SSO.
- This process didn't allow for real one-to-one account syncing across different apps, particularly NextCloud, which serves as the core