SSO with OAuth2 and multiple tenants

Hi,

I’ve setup multiple Seafile instances with Single-Sign-On using Microsoft 365 OAuth2 in the past. Due to a merge of organisations but not tenants(!) it is now desired to use a common Seafile server. As far as I can tell, there is no way to configure multiple OAuth2 instances for authentication in Seafile or am I missing something?

Searching for a solution I came across OAuth2 Proxy. I am not really sure that it would actually be a solution to my problem. What I need is basically this: if the user has a login with @example2.com it should use the OAuth2 settings for Tenant 1 and if the user has a login with @example2.com Tenant 2 should be used for authentication.

Has anybody come across this challenge and found a viable solution? Any links or hints are appreciated.

We don’t support OAuth with multi-tenancy yet. For SAML, it is supported with multi-tenancy.

Deploy own Authentik server. Setup options to login to authentik over all your oauth2 idp and then setup login to seafile over oauth2 with authentik.

Thanks for your suggestions.