How ownCloud Infinite Scale handles authentication through OIDC

As you all probably know, we are currently modernizing ownCloud from the ground up. Our goal is infinite scale, hence the name. Infinite scale as in an infinite number of files, users and machines as well as infinite file sizes. We write it in Go, making ownCloud platform independent. ownCloud Infinite Scale neither requires Apache nor any PHP infrastructure, becoming the most easy-to-use and most easy-to-deploy ownCloud ever. We use microservices and a three-tier architecture, making ownCloud a secure cloud native solution to file access requirements. Some globally well-known research institutions are involved in the creation of ownCloud Infinite Scale, making sure it extends their capabilities as it will yours.

Authentication in the new ownCloud Infinite Scale is easier than ever. Out of the box, ownCloud Infinite Scale only supports OpenID Connect (OIDC) for user authentication. This means it has no dependencies except for an Identity Provider - and if your organization doesn’t have one running already, ownCloud Infinite Scale ships with its own. ownCloud Infinite Scale works with F5, Keycloak, Ping Federate, ADFS, Azure AD, Kopano Konnect and basically any Identity Provider that supports OIDC, if configured accordingly.

As OIDC is an authentication layer on top of OAuth2. It packs the same advantages of increased security through the issuing of revokable tokens when authenticating users in applications, making credentials stored in clients unnecessary. OIDC enables a real single sign-on while supporting security measures as sophisticated as your Identity Provider supports, for example policies to automatically expire tokens if and when devices leave the organization’s network.

The ownCloud Desktop Client 2.7, ownCloud iOS App 11.4, ownCloud Android app 2.15 and the ownCloud Classic and upcoming ownCloud Web frontends support OpenID Connect natively.

While we are focusing completely on OIDC for authentication going forward, a number of compatible Identity Providers support legacy standards like SAML, so organizations that require that sort of compatibility aren’t left out in the cold. We are already working on a bridge mode that enables ownCloud Infinite Scale and ownCloud 10 to run concurrently. To bring OIDC to ownCloud 10, and to enable the bridge mode between ownCloud 10 and ownCloud Infinite Scale, we recently released our OpenID Connect Marketplace app for ownCloud 10.

2 Likes