I think I got it figured out 🙂 If you want to test it, you can swap your voidauth version to :edge from :latest. I wouldn’t recommend keeping it that way (‘edge’ is for testing the latest stuff), but if you get a chance to set it up let me know how it goes

Actually, you know what? I am going to take another crack at it 😅 Tracking progress here: https://github.com/voidauth/voidauth/issues/115

Unfortunately I have not been able to get that to work 😞 I did look into it, but there is quite a lot of redirecting going on during the OIDC flows and it was a real pain to try to get it all sorted. For now you will have to use a subdomain, like https://voidauth.example.com/

Pretty much as answered already, passkeys (sometimes branded like FaceID or Windows Hello but it is an open spec) are an alternative to passwords. Your public key that identifies your user is stored in VoidAuth and your private key is stored on your device. Some password managers support syncing passkeys, so you don’t have to set up a new passkey on every device.

The advantage over passwords is that they are domain and device specific, so are much harder to be leaked from the client side. VoidAuth (or other services) should only be storing your public key so a leak on the server side would not allow someone to log in as you.

I have never used nforwardauth, but it looks like it offers a subset of the functionality of VoidAuth. Both support proxy-auth, but VoidAuth has user management features and also supports OIDC, passkeys, etc. I think nforwardauth looks like a great project, you can always setup VoidAuth alongside and try it out!

My previous setup was with Authelia and lldap, and VoidAuth is heavily inspired by a combination of both. I think the advantages VoidAuth has are simple user management, supporting user registration/invitation, more branding customization, and a better end-user UI (imo).

There are other great selfhosted auth solutions such as Authelia and lldap, and also Authentik, Keycloak, pocket-id, and Rauthy. I would encourage anyone looking for a selfhosted auth solution to shop around!