Identity & Access Management

SSO, authorization, and service identity for RavenmaskOS.

Components

Component	Purpose	Documentation
Zitadel	SSO & Identity	Zitadel
OAuth2-Proxy	Auth proxy	OAuth2-Proxy
OpenFGA	Authorization	OpenFGA
SPIRE	Service identity	SPIRE

Authentication Flow

User → Traefik → OAuth2-Proxy → Zitadel
              ↓
         Protected Service

Related

• Security/Authentication
• Security/Authorization