I’m considering adding an SSO process in front of my self-hosted apps such as Nextcloud, Calibre-Web and Immich. The thing I’m thinking about, is do I need to make two accounts for each user I want to add? If I have a new user, do I need to make an account for both the SSO provider and the protected app such as Nextcloud? Or does Nextcloud (or some other app) automatically create a new account upon the first authentication with the SSO provider?
Also, which SSO provider do y’all recommend? I would like to have one with a web UI where I can manage the users :)
I’m using Keycloak and Traefik as reverse proxy, and some apps don’t have integration with SSO, so I turn off authentication and use traefik-auth in front of them, which works ok for my use case.
For the rest, it depends, and gotta take a look at their documentation.