A hands-on guide to deploying Pocket ID, a self-hosted OIDC provider that uses passkeys as the sole authentication method. Covers Docker Compose setup on a Hetzner VPS with Caddy as a reverse proxy, initial passkey enrollment (including a YubiKey as backup), and step-by-step OIDC client configuration for Forgejo, OpenGist, Linkding, and Coder. Key points include enforcing passwordless logins for internet-exposed apps, managing user groups and access controls, and configuring email notifications and verification.
Sort: