HACKER Q&A
📣 anderspitman

Is there a privacy-focused social login identity provider?


I run several websites that manage user accounts. I generally default to an email-based login flow. I'd love to improve UX for my users by integrating with social login SSO, but I don't want to encourage them to sell out (more of) their privacy to Google/Facebook/Apple/etc.

Are there any OpenID Connect IdPs that are known to respect user privacy?


  👤 FlxMgdnz Accepted Answer ✓
Such an identity provider does not exist unfortunately, at least not with enough users to justify an integration for you. Of course you can always set up your own SSO provider (with the tools listed in AHOHA's comment), but that one would be limited to your own user base.

I'd propose you take a look at passkeys, which allow for a very convenient, but privacy-friendly alternative to social SSO.

You can even combine social SSO with passkeys. Then users could sign up to your sites with one click through Google or Apple, but any subsequent login can happen between you and the user with a passkey. That's how we are doing things at hanko.io.


👤 AHOHA
There are dozens of open source SSO solutions; some are popular too and are production ready, like Keycloak, Authelia, Authentik, and others that can be found here (1). However, keep in mind that, from my experience, SSO has cons too, besides what you mentioned privacy-wise:

- If the SSO server (or the Docker container) is down, all other services are inaccessible to your users.

- Any breach of the SSO is a breach of all other services.

- You should have more work done on enforcing password/login policies, creating some sort of granular access, supporting MFA, etc.

(1) https://medevel.com/10-os-sso/