Tailscale OIDC works with VivoKey


I successfully set up Tailscale with my Spark 2 and it was extremely simple.

You’ll need:

  • A custom domain/email that you can serve HTTPS from as well

Once you add your email to your VivoKey account, you can set up a web server on your domain. This is needed only for setup to prove you own the domain, not for normal login. There is a sample format on the Tailscale website that you’ll need to place in a file located at doma.in/.well-known/webfinger

Once you've served the file, you can add your custom application API ID/secret from the VivoKey app, and that’s it. You can now log into your Tailscale account with your Spark 2.
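A check for the WebFinger file described in the post above, as an added example that is not part of the original post or Tailscale's or VivoKey's own code. It assumes the file follows the standard OIDC discovery shape (RFC 7033 JSON with an `acct:` subject and an issuer link); the address `you@doma.in` and the issuer `https://issuer.example` are constructed placeholders.

```python
import json
from urllib.parse import urlparse

# Link relation defined by OpenID Connect Discovery for the issuer location.
OIDC_ISSUER_REL = "http://openid.net/specs/connect/1.0/issuer"

def check_webfinger(jrd_text, email):
    """Return a list of problems in a WebFinger document used for OIDC
    issuer discovery. An empty list means the document looks usable."""
    try:
        doc = json.loads(jrd_text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"]
    if not isinstance(doc, dict):
        return ["top level must be a JSON object"]
    problems = []
    expected = f"acct:{email}"
    if doc.get("subject") != expected:
        problems.append(f"subject is {doc.get('subject')!r}, expected {expected!r}")
    links = doc.get("links")
    if not isinstance(links, list):
        links = []
    issuers = [l.get("href") for l in links
               if isinstance(l, dict) and l.get("rel") == OIDC_ISSUER_REL]
    if not issuers:
        problems.append("no link with the OIDC issuer rel")
    for href in issuers:
        # The issuer must be an absolute https URL, or discovery can be
        # redirected over an unauthenticated channel.
        url = urlparse(href) if isinstance(href, str) else None
        if url is None or url.scheme != "https" or not url.netloc:
            problems.append(f"issuer href {href!r} is not an https URL")
    if len(set(map(str, issuers))) > 1:
        problems.append("more than one distinct issuer listed")
    return problems

# Constructed sample documents (placeholder issuer, not VivoKey's real one).
GOOD = json.dumps({"subject": "acct:you@doma.in", "links": [
    {"rel": OIDC_ISSUER_REL, "href": "https://issuer.example"}]})
BAD = json.dumps({"subject": "you@doma.in", "links": [
    {"rel": OIDC_ISSUER_REL, "href": "http://issuer.example"}]})

if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, check_webfinger(text, "you@doma.in") or "ok")
```
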


Interesting… we are recreating the entire VivoKey Cloud IdP in parallel and will eventually switch over to the new platform. This new IdP is based entirely around our Auth API and will deploy SAML first, then possibly OIDC later. The goal is to be much more stable and reliable, as well as function as the IdP for VivoKey federated services we deploy for members. The new VivoKey Cloud IdP will also support multiple email address associations and you’ll be able to pick which domain / email address to use with which SAML SP.

I read this earlier and was going to add mention of the crossover with the IdP, as you mentioned in the DT Club, but without divulging too much.

I took some screenshots to share from Tailscale.