My one fear with this is offline authentication. I enjoy oauth/oidc a lot, but it doesn't have mechanisms for machines to continue to be able to authenticate while offline, like the way ldap/kerberos can do.

Is this just for machines that will always be online? I can understand that usecase but :/

EDIT: Okay, one comment, mentions himmelblau an alternative to authd, which seems to be more mature. Himmelblau has docs about offline usage. It looks like it has an emergency config that can use a cached password from the oidc provider,

Single-factor authentication (SFA-only) users and Hello-PIN users already have offline sign-in capability

Hmmm. Okay. Upon doing further reseach, it looks like offline authentication is exclusive to Microsoft Entra ID. :/

[–] ZombieCyborgFromOuterSpace@piefed.ca 4 points 1 day ago (1 children)

>Cloud based authentication? Like withAuthd allows for Ubuntu systems to authenticate users against cloud identity providers using modern standards like OpenID Connect. Authd is initially catering to Microsoft Entra ID and Google Cloud IAM though this daemon is modular by design to support other identity providers too.

Well hopefully that'll help push Linux desktops in the corporate environments.

[–] cm0002@libretechni.ca 1 points 1 day ago

Well hopefully that'll help push Linux desktops in the corporate environments.

There's been rumblings of replacing our devs linux laptops with Macs or Windows because "We can't even sync desktop accounts with Entra like we can with windows and macs!" So I'm absolutely about to try to roll this out and to put the kibosh on it before rumblings turn into pressure lol