[Wronnay]

Cool, but I looks like the creator didn't really look deep in the competition. Many of the question marks in the comparison table can be replaced by a checkmark.

[apitman]

I looked more closely at the simpler ones, since simplicity was a baseline requirement for me when I went looking for a server to meet my needs. If the docs for something were too complicated to even determine if it supported the features I need then I tended not to spend much time digging through them.

[langur]

Indeed. It is slightly misleading at first glance. But the author has stated that it is incomplete. ZITADEL(https://zitadel.com/), for example, pretty much checks almost all the boxes.

[BodyCulture]

Which not? Thank you!

[langur]

ZITADEL doesn't support anonymous clients. Honestly, it's not the best practice anyway.

As for Forward Auth, the concept can be a bit fuzzy, and from what I gather, ZITADEL doesn't really support that.

Trusted Header Auth might work in some scenarios, but that definition is also a bit fuzzy, so hard to say for sure.

[apitman]

> ZITADEL doesn't support anonymous clients. Honestly, it's not the best practice anyway.

How would you accomplish the same thing using best practices? The closest is dynamic client registration without requiring an initial access token, but that still requires clients to support the protocol, and I know at least the Jellyfin and Discourse OIDC plugins do not. And even if they did what do you gain over anonymous auth?