Skip to main content

Single Sign On

I built a SSO system mostly to protect some of my more sensitive sites. However, now that I did the hard work of getting it working, it's super easy for me to do stuff like secure a knowledgebase site with a SSO login.

The SSO login is https://auth.matt-cloud.com/ and you can manage multi-factor methods here. There is no other user visible functionality here, but it's worth mentioning. 

The platform is called Authelia and I have it running in a docker container like everything else these days. 

I have a pretty well configured guacamole instance protected by Authelia and 2FA now, and I have discovered a slight issue. During the 2FA device registration the service will send an email with a code to your email I have programmed in AD. However, if the receiving email server likes to click on links as part of the spam filter, then the code will be invalidated before it can be used. I discovered this happening with a test account that sent these codes to my tesla.com email address. Any Tesla folks that want Terminal Server access or otherwise need 2FA on Matt Cloud I'll need a different email address. If you want I can just set up a mailbox on my server for this too. 

Back to top