Are there any plans to offer authentication providers in lieu of Github for managing access to organizations?
I’d love to use Google OAuth to access work-related resources in Fly, as this permits greater management over accounts than is possible with Github organizations, e.g. enforcing the use of hardware 2FA tokens.
Like everyone else, we definitely plan on making this work.
There are big changes coming, and soon, on how our auth tokens work. They’re going to be Macaroon-like and will enable fine-grained scoping and cross-org sharing of stuff. I don’t know when they’re going to hit, but they’re what I’m working on right now, and I’m impatient.
But what you’re asking for is SSO support. We know we need to get this done, and we know how to do it, but we’ve got a bunch of other things queued up ahead of it, and (so far as I know, and please correct me if you’re reading this and disagree) most of our current users don’t need it. It could be later in the year for us.
For what it’s worth: being in the middle of SOC2 right now, we’re 1000% sold on the value of farming auth out to Google for this. You can work on convincing us, but we’re already sold. This is essentially just a logistics thing for us.
having just configured my own auth token for a work resource I definitely agree with the prioritization here and am very excited to see the new token technology in action. We don’t have any pressing timeline or external requirement such as SOC2 at the moment so a “maybe later this year” timeline is perfectly fine for us.