Quote:
Originally Posted by Quoth
OAuth isn't as good as you think. It's about big corporations tracking and controlling you.
|
How are they tracking and controlling me if I use oauth internally?
Internally = an OSS auth backend (keycloak) which I host on my own hardware which is accessed by OSS frontend software I host on my own hardware, and which can not talk at all with the outside (firewall).
How are they tracking and controlling a corporation which uses commercial oauth software (Okta, OneIdentity, ...) internally for frontends which are hosted internally, which are running on local hardware and firewalled to the outside?
Answer to all above: they don't.
Again, you are mixing up an identity provider implementation (Google, Azure, ...) with the oauth protocol. If you don't use it to get tracked by google, don't use it with anyone except google. Most sites which allow to login with your google account, or facebook account, or whatver identity provider they support, also offer a local login possibility. To my experience this works well (when I can login locally, I do that, so I have experience in this regard).