integrate user autentication with OAuth2 solution like authentik for self host

[kampty]

Is your feature or enhancement related to a problem? Please describe.

users can only autenticate with chatwoot login now, no way to login with external providers

Describe the solution you'd like

Allow admins to let users login with custom OAuth or SAML providers

Describe alternatives you've considered

Using Oauth/Saml/OpenID

Additional context

No response

[adolfombarros]

It would be very useful if Chatwoot supported OAuth2/OpenID Connect authentication.
In our case, we would like to integrate with Authelia OIDC provider (docs), which already exposes standard endpoints (/.well-known/openid-configuration, /authorize, /token, /userinfo).

This would allow us to centralize authentication, enforce MFA, and reuse existing claims (email, name, roles) across all applications in our stack, without relying solely on the built-in Chatwoot login.

[alex-gph1]

As I see it's not going to happen: #5420

[scmmishra]

We already have SAML based SSO, OIDC is next on our roadmap :)

[FreeSynergy]

@scmmishra

We already have SAML based SSO, OIDC is next on our roadmap :)

Will you put in this feature for the self hosted community version?

[Gaspa79]

I believe they won't, as they said before many times. I just grab the source and add a small patch I created to use forward auth log-in-thru-header-field. It's relatively easy to patch and implement.

[Daniel15]

It seems like OAuth/OIDC is already partially supported, given you can enable logging in with Google. I haven't looked at the code but I suspect whatever is handling Google login could be generalized to work with any OIDC/OAuth provider.

[alex-gph1]

Chatwoot uses omniauth. Essentially it would take 5 mins to get OIDC working. But if you check the link in my comment, you will see there a reasoning for why it won't happen. I'm not following closely, but I don't think anything has changed.

[Daniel15]

Chatwoot uses omniauth. Essentially it would take 5 mins to get OIDC working. But if you check the link in my comment, you will see there a reasoning for why it won't happen. I'm not following closely, but I don't think anything has changed.

If the Chatwoot team don't want to maintain this feature in the open-source release, it could be maintained as a patch on top of their code. That's one of the main benefits of open source software - you're free to both use and modify the code.