openID connect with juju controller

Nextcloud has support for acting as an openID connect backend, e.g. allowing to authenticate (login) users for another service, using users in Nextcloud I assume.

I think that Juju controllers might have support for openID connect (or soon?) ?

I want to know if we can use a Nextcloud openID connect with a Juju controller.

Today a Juju controller can be used with Canonical identity service (https://api.jujucharms.com/identity") at the time of boostrapping a controller like this:

juju bootstrap aws/eu-north-1 my-controller.example.com --config identity-url="https://api.jujucharms.com/identity"

I would imagine this could be replaced with something along the line of:

juju bootstrap aws/eu-north-1 my-controller.example.com --config identity-url="https://my-nextcloud.example.com/identity --config identity-public-key=XXXXXXXXXX"

The docs isn’t great here explaining what can be done here, but I’d love to know what you think and if it can be achieved.

This is how it looks in Nextcloud (Deploy with Juju) with the openID connect plugin. But I haven’t understood yet how to configure it or test it.

image1708×1150 295 KB

@erik-lonroth unfortunately juju does not currently support OIDC, however we have added the feature to Jaas for both the cli and the dashboard.

You can find the documentation at the following link https://canonical-jaas-documentation.readthedocs-hosted.com/en/latest/ (please let me know if you can’t access it)

Jaas used to be a Canonical hosted Canonical product, however for the past 1.5 years we have been busy rearchitecting it to transform it in something you can self host. In addition to the OIDC support we have added a number of compliance and auditing features aimed at serving the needs of enterprises which large juju deployments