Finally! Mastodon using SAML for SSO \o/

It just took 4 hours, a bunch of mastodon restarts, an annoyed :sheogorath: me and some source code reading to end up with a working solution without workarounds(!) and a bug report.

I guess I should write a blog post now 😐

@valerauko I'm currently setting up keycloak as auth backend for all my services.

I'll definitely write some tutorial for that, because non exists for Mastodon + Keycloak yet. And I can tell that this would have been **really** helpful :D

@sheogorath i don't know what you use but the ruby-saml library is easy to use and contribute to as well

@valerauko Mastodon has already omniauth-saml integrated. Main problem was a bug that appeared due to the fact that I tried to link an existing account. Which caused Mastodon to generate a temporary email address which it then again tried to store in the user model but the user model didn't accept this "email" address as it was invalid.

Sign in to participate in the conversation
Sheogorath's Microblog

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!