I second this feature request. 2024 has been the year where I've seen global adoption of OIDC and most of the apps I'm using are now supporting OIDC.

I'm using Authelia and I'd like instructions how to set it up. It's possible with next-auth but it's complicated and undocumented.

In the meantime it would be really nice to get instructions to make it work with next-auth/ldap so that my user would use the same credentials everywhere. Not a huge deal with SplitPro since it works with a passwordless magic link to login.

I would like this so I am opening a draft PR. It's not tested yet - nor does it have any tests written. I'll try to clean it up and validate it over the next couple of days.

I can't speak for Authelia, but v1.3.4 works with Authentik. I had to:

• Pass in the following environment variables:
  • AUTHENTIK_ID (client ID from Authentik)
  • AUTHENTIK_SECRET (client secret from Authentik)
  • AUTHENTIK_ISSUER (OpenID Configuration Issuer from Authentik).
• Set the callback URL redirect URI to https://yoursplitpro.domain/api/auth/callback/authentik in Authentik

Did you pass in the authentik provider to the list of providers?

Edit: oh, authentik provider is included https://github.com/oss-apps/split-pro/blob/main/src/server/auth.ts#L172

So that's expected. This issue is intended to be supporting oidc in general, right