Skip to content

fix: allow guest access when OIDC or Keycloak authentication is enabled#2054

Merged
lissy93 merged 2 commits into
lissy93:masterfrom
ZedeN1:master
Apr 7, 2026
Merged

fix: allow guest access when OIDC or Keycloak authentication is enabled#2054
lissy93 merged 2 commits into
lissy93:masterfrom
ZedeN1:master

Conversation

@ZedeN1
Copy link
Copy Markdown

@ZedeN1 ZedeN1 commented Apr 7, 2026

Category

Bug Fix

Overview

When enableGuestAccess: true is set alongside OIDC or Keycloak authentication, unauthenticated visitors were immediately redirected to the identity provider with no way to view the dashboard as a guest. This fix ensures the enableGuestAccess flag is respected regardless of which auth provider is configured.

Changes:

  • Remove !isOidcEnabled() and !isKeycloakEnabled() guards from isGuestAccessEnabled() in Auth.js so the flag is honoured for all auth providers
  • Skip signinRedirect() in OidcAuth when guest access is enabled, allowing unauthenticated users to reach the dashboard
  • Skip keycloak.login() in KeycloakAuth when guest access is enabled, same rationale
  • Fix getUserState() to return the guestAccess state when OIDC or Keycloak is active and guest access is on — this makes the "Login" button appear for guests instead of being hidden
  • Fix goToLogin() in AuthButtons to trigger the correct provider flow (OIDC redirect or Keycloak login) instead of routing to /login, which has no effect when SSO is configured

Issue Number

Closes #2053 and #1755

Additional Info

  • No schema changes — this relies on the existing auth.enableGuestAccess config flag
  • No breaking changes — behaviour is unchanged for users who do not set enableGuestAccess: true
  • AI disclaimer: Claude was used to assist with this fix
  • Tested using Zitadel as the OIDC provider

fix: allow guest access when OIDC or Keycloak authentication is enabled
d106e97 
When enableGuestAccess: true is set alongside OIDC or Keycloak auth,
unauthenticated visitors were immediately redirected to the identity
provider with no way to view the dashboard as a guest.

- Remove !isOidcEnabled() and !isKeycloakEnabled() guards from
  isGuestAccessEnabled() so the flag is respected for all auth providers
- Skip signinRedirect() in OidcAuth when guest access is enabled
- Skip keycloak.login() in KeycloakAuth when guest access is enabled
- Fix getUserState() to return the guestAccess state when OIDC or
  Keycloak is active and guest access is on, so the login button appears
- Fix goToLogin() in AuthButtons to trigger the correct provider flow
  (OIDC redirect or Keycloak login) instead of routing to /login
@ZedeN1 ZedeN1 requested a review from lissy93 as a code owner April 7, 2026 11:42
@netlify
Copy link
Copy Markdown

netlify Bot commented Apr 7, 2026
edited
Loading

Deploy Preview for dashy-dev ready!

Name Link
🔨 Latest commit 57ca287
🔍 Latest deploy log https://app.netlify.com/projects/dashy-dev/deploys/69d5020947e79f0007247e9f
😎 Deploy Preview https://deploy-preview-2054--dashy-dev.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

lissy93
lissy93 approved these changes Apr 7, 2026
View reviewed changes
Copy link
Copy Markdown
Owner

@lissy93 lissy93 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good, thank you @ZedeN1 😊

@lissy93 lissy93 merged commit 1e3ccfc into lissy93:master Apr 7, 2026
10 checks passed
This was referenced Apr 7, 2026
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lissy93 lissy93 lissy93 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[FEATURE_REQUEST] OIDC and Guest Access

2 participants

@ZedeN1 @lissy93