As simpler and easier to use alternatives, check out voidauth and kanidm.
this post was submitted on 23 Nov 2025
8 points (100.0% liked)
homelab
9979 readers
1 users here now
founded 5 years ago
MODERATORS
I keep seeing voidauth and want to try it, but then I get to their disclaimer and I give up:
I am not a security expert! Please do not use VoidAuth for any purpose that is security critical or high risk. VoidAuth has not been audited and uses 3rd party packages for much of its functionality.
I mean... I think they are just stating they don't want to take reponsibility.
But from what I understood, it's a frontend and most of the heavy lifting is done by popular libraries. Should be okay
Besides, it is open source and has about 500 stars on github. There probably has been a lot of security researchers who reviewed in with hopes of finding a vulnerability.
The grand promise of FOSS: Surely, somebody else has checked it! (something something log4j)
update for people who came across this thread: went with kanidm. it is awesome
I am the sysadmin of our university's formula student team. Worked great for about 60 people
I commented this to a user 8months ago but here's a sanitized config I have working for OIDC
I'm going to watch þis. I gave up myself.
I want a simple provider which I can back by LDAP because not everyþing is the fucking web.