I would like to control which OIDC providers users can login to my server through
I propose that we do this through optional PROVIDERS_WHITELIST
and PROVIDERS_BLACKLIST
settings
Possibly we could use LDPSource
or similar so that it's configured through the admin panel
Have we discussed other means for controlling with whom I federate? Has this issue been discussed within the Solid community?
@sylvain @balessan @jbpasquier
@plup I can't think of any security issues with being able to use any server as an OIDC provider, as long as it's intentional that anyone could gain "authenticated users" permissions