Hi, recently I started using authelia, and can’t understand how I need to use it, and how do I share it with others

Before I had bitwarden, kept all my passwords there, and used the passwords to login to every service. Also in every service I had 2FA and/or FIDO.

But now I have authelia, and I’m trying to understand where should be the main password, and what services do I bypass, and etc

And the most important, how do I explain people how to use it, do I create them authelia credentials and send, or how?

Thank you

  • Melmi@lemmy.blahaj.zone
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    8 months ago

    Most things should be behind Authelia. It’s hard to know how to help without knowing what exactly you’re doing with it but generally speaking Authelia means you can have SSO+2FA for every app, even apps that don’t provide it by default.

    It also means that if you have users, you don’t need them to store a bunch of passwords.

    One big thing to keep in mind is that anything with its own login system may be more involved to get working behind Authelia, like Nextcloud.

    • madejackson@lemmy.world
      link
      fedilink
      English
      arrow-up
      3
      ·
      8 months ago

      Quick heads up, Nextcloud works perfectly fine behind an auth provider. I am using it behind authentik.

      • Melmi@lemmy.blahaj.zone
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        I had issues connecting to Nextcloud from mobile clients when using Authelia, they didn’t like it, but if there’s a workaround for that that’s great

        • Gooey0210@sh.itjust.worksOP
          link
          fedilink
          English
          arrow-up
          2
          arrow-down
          1
          ·
          8 months ago

          You need to use authelia’s oidc, and your nextcloud app will be able to store this session for everything it needs

            • Gooey0210@sh.itjust.worksOP
              link
              fedilink
              English
              arrow-up
              1
              arrow-down
              2
              ·
              8 months ago

              🤝

              Also, it’s common practice to do rules, so ask 2fa on myserver.host, but don’t ask anything on myserver.host/api