Yesterday, 10:26 PM
Hi all,
I’ve submitted the following feature request to Fider:
👉 https://features.jellyfin.org/posts/3384
That post outlines the basic idea, but I wanted to provide additional context and rationale here for discussion.
---
## Acknowledging Existing Work
I'm aware of the existing SSO feature request:
➡️ https://features.jellyfin.org/posts/230
SSO/OIDC support would absolutely help — it would allow users to log in using providers like Google or Apple, and eliminate the need for the admin to manage every password. That’s a major improvement.
However, my suggestion goes further, proposing a broader, modular companion system — separate from Jellyfin core — to improve the **full account lifecycle and access experience**, especially for non-technical users.
---
## The Problem
When sharing a Jellyfin server with friends or family, especially over the internet, the process is high-friction:
- Admin must manually create user accounts
- Passwords must be assigned and managed manually
- No password recovery/reset system exists
- No SSO today (pending the above feature request)
- No invite-based access or approval flows
- No built-in global relay access (unless self-configured via tunnels or proxies)
This means that even if remote access is set up securely (e.g., via Cloudflare Tunnel), **users still rely on the admin for basic account management**, making it impractical at scale.
---
## The Proposal
Rather than changing Jellyfin core, I'm suggesting an **optional, open-source companion project** that could handle:
- ✅ Self-service user account creation (with optional approval)
- ✅ Password reset/recovery
- ✅ Integration with identity providers (Google, Apple, etc.) using OIDC/OAuth
- ✅ Invite-based account creation
- ✅ Optional relay-like remote access (Plex-style or brokered)
- ✅ Fully self-hostable or optionally community-hosted
The idea would be to create something akin to Bitwarden's model:
- The core remains self-hosted and private
- Users who want convenience can opt into hosted or federated tools
- Nothing is mandatory, and no part of this would require changing Jellyfin itself
---
## Why It Matters
Right now, I can't share my server with more than one or two people without becoming tech support. Even if I manage secure remote access, I'm still stuck handling password resets, onboarding, and troubleshooting.
Plex solves this through a centralized identity system — but that comes with its own tradeoffs. I believe **Jellyfin can retain its philosophy** while still offering a way to make life easier for those of us sharing with less technical users.
---
## My Role
I'm not a developer, so I can't build something like this myself — but I'd happily contribute:
- Testing and feedback
- UX suggestions
- Real-world use case input
---
## Final Thought
This isn’t a request to centralize Jellyfin or change its principles. It’s a proposal to **enable an ecosystem** where users who want extra convenience and scalability can have it — through modular, community-driven tools that complement the project without diluting its goals.
Thanks for reading, and I’m curious whether others have hit the same pain points.
I’ve submitted the following feature request to Fider:
👉 https://features.jellyfin.org/posts/3384
That post outlines the basic idea, but I wanted to provide additional context and rationale here for discussion.
---
## Acknowledging Existing Work
I'm aware of the existing SSO feature request:
➡️ https://features.jellyfin.org/posts/230
SSO/OIDC support would absolutely help — it would allow users to log in using providers like Google or Apple, and eliminate the need for the admin to manage every password. That’s a major improvement.
However, my suggestion goes further, proposing a broader, modular companion system — separate from Jellyfin core — to improve the **full account lifecycle and access experience**, especially for non-technical users.
---
## The Problem
When sharing a Jellyfin server with friends or family, especially over the internet, the process is high-friction:
- Admin must manually create user accounts
- Passwords must be assigned and managed manually
- No password recovery/reset system exists
- No SSO today (pending the above feature request)
- No invite-based access or approval flows
- No built-in global relay access (unless self-configured via tunnels or proxies)
This means that even if remote access is set up securely (e.g., via Cloudflare Tunnel), **users still rely on the admin for basic account management**, making it impractical at scale.
---
## The Proposal
Rather than changing Jellyfin core, I'm suggesting an **optional, open-source companion project** that could handle:
- ✅ Self-service user account creation (with optional approval)
- ✅ Password reset/recovery
- ✅ Integration with identity providers (Google, Apple, etc.) using OIDC/OAuth
- ✅ Invite-based account creation
- ✅ Optional relay-like remote access (Plex-style or brokered)
- ✅ Fully self-hostable or optionally community-hosted
The idea would be to create something akin to Bitwarden's model:
- The core remains self-hosted and private
- Users who want convenience can opt into hosted or federated tools
- Nothing is mandatory, and no part of this would require changing Jellyfin itself
---
## Why It Matters
Right now, I can't share my server with more than one or two people without becoming tech support. Even if I manage secure remote access, I'm still stuck handling password resets, onboarding, and troubleshooting.
Plex solves this through a centralized identity system — but that comes with its own tradeoffs. I believe **Jellyfin can retain its philosophy** while still offering a way to make life easier for those of us sharing with less technical users.
---
## My Role
I'm not a developer, so I can't build something like this myself — but I'd happily contribute:
- Testing and feedback
- UX suggestions
- Real-world use case input
---
## Final Thought
This isn’t a request to centralize Jellyfin or change its principles. It’s a proposal to **enable an ecosystem** where users who want extra convenience and scalability can have it — through modular, community-driven tools that complement the project without diluting its goals.
Thanks for reading, and I’m curious whether others have hit the same pain points.