Skip to content

Oikos

v0.55.14 Feature

This release adds 3 notable features for engineering teams evaluating rollout.

Published 2d Productivity & Wikis
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

docker family family-planner home-automation planner-app privacy-first
+4 more
progressive-web-app pwa self-hosted selfhosted-apps

Affected surfaces

auth

Summary

AI summary

OIDC/SSO single sign‑on support via any OpenID Connect provider was added.

Changes in this release

Feature Medium

Adds OIDC/SSO single sign-on support via any OpenID Connect provider.

Adds OIDC/SSO single sign-on support via any OpenID Connect provider.

Source: llm_adapter@2026-06-01

Confidence: high
Feature Medium

Adds Authorization Code flow with PKCE (S256) and nonce for secure SSO.

Adds Authorization Code flow with PKCE (S256) and nonce for secure SSO.

Source: llm_adapter@2026-06-01

Confidence: high
Feature Medium

Adds database migration v42 to include `oidc_sub` and `oidc_provider` columns in `users` table with partial unique index.

Adds database migration v42 to include `oidc_sub` and `oidc_provider` columns in `users` table with partial unique index.

Source: llm_adapter@2026-06-01

Confidence: high
Feature Low

Adds "Sign in with SSO" button on login page when OIDC is configured.

Adds "Sign in with SSO" button on login page when OIDC is configured.

Source: llm_adapter@2026-06-01

Confidence: high
Feature Low

Adds SSO i18n keys to all 16 supported locales.

Adds SSO i18n keys to all 16 supported locales.

Source: llm_adapter@2026-06-01

Confidence: high
Feature Low

Displays localized error message on failed SSO attempts.

Displays localized error message on failed SSO attempts.

Source: granite4.1:30b@2026-06-01-audit

Confidence: low
Full changelog

Added

  • OIDC/SSO single sign-on support via any OpenID Connect provider (Authentik, Keycloak, Google, etc.), configurable through four environment variables (OIDC_ISSUER, OIDC_CLIENT_ID, OIDC_CLIENT_SECRET, OIDC_REDIRECT_URI).
  • Authorization Code flow with PKCE (S256) and nonce for secure SSO; state, nonce, and code verifier are stored in the session and consumed once.
  • Login page shows an "Sign in with SSO" button only when OIDC is configured; displays a localised error message on failed SSO attempts.
  • Database migration v42 adds oidc_sub and oidc_provider columns to the users table with a partial unique index.
  • SSO i18n keys (loginWithSso, orDivider, ssoError) added to all 16 supported locales.
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track Oikos

Get notified when new releases ship.

Sign up free

About Oikos

Family planner for small households

All releases →

Related context

Related tools

Beta — feedback welcome: [email protected]