We could do with some way of allowing people to log in to other services with their EMF ticket account. I am contemplating a few things which do not need to be tightly coupled to the main website. OIDC is likely the best way forward here.

Some considerations:

• User IDs will need to be namespaced by event year - perhaps we need a standard way of generating externally-visible IDs. (Maybe sqids would be nice, or perhaps we just go full UUID?)
• I think app credentials (API key & secret) can just be configured statically (perhaps in a separate JSON file to the main config). This avoids needing to build too much admin CRUD and also means they will persist between years.