Identity Management

Osie is a software tool that enhances OpenStack by offering additional services such as billing, marketing automation, customer support, and more. Your customers need to log into these systems to access the services you provide.

By default, Osie includes a built-in identity provider that handles user registration, login, and account management out of the box — no external services are required. User accounts and credentials are stored securely in Osie's own database.

The built-in login supports:

Email and password authentication
Two-factor authentication (TOTP)
Passkey / WebAuthn authentication
User registration and password recovery

This is the simplest way to get started. No additional identity infrastructure is needed.

If your organization already has an identity provider, you can configure Osie to delegate authentication to it using the OpenID Connect (OIDC) protocol. This enables Single Sign-On (SSO) across your services.

Federated login is useful when:

You offer multiple services and want your customers to log in only once. After that, they're automatically logged in to all the other systems you provide (like Osie, WHMCS, discussion forums, and so on).
Your company has an existing login system (SAML2, LDAP, Active Directory, etc.) and you want to federate it via an OpenID Connect provider such as Keycloak, Okta, or Auth0.
You want employees to use their existing corporate accounts to access the Osie Admin dashboard.
You want to provide social logins (Google, Facebook, GitHub, etc.) via your own identity provider.
You use WHMCS with OpenID Connect and want users to log in to Osie with their existing credentials.

To use a federated identity provider, configure the OIDC settings in your values.yaml. See the Kubernetes installation guide for configuration examples.

Built-in Login (Default)​

Federated Login via OpenID Connect (Optional)​

Built-in Login (Default)

Federated Login via OpenID Connect (Optional)