Keycloak
Keycloak will run as a Single Sign-On server, with capability to store all users and their permissions/ roles. I do not yet understand how to set these roles to pass settings to an app or even prevent access to some apps.
Supported Apps
- NextCloud - done
Next Target:
- Panels App - which gives access to other apps, e.g. dashy?
- Admin Apps?
Discovery Endpoint:
https://<host-name>/realms/test-realm/.well-known/openid-configuration