Feature Description
It could be interesting to have an option (either by environment variable or config) to disable the default admin account if an external authentication provider is set with the OIDC_MERGE_ACCOUNTS variable.
Since the users are authenticated externally, there's no need in this type of scenario to have an extra local admin account.
Problem It Solves
Having a specific local admin account for Arcane represents a form of security flaw and cannot be managed somewhere else than Arcane directly.
Proposed Solution
Add a configuration setting DISABLE_INITIAL_ADMIN_CREATION to allow to disable the creation of the default admin account.
Alternatives Considered
No response
Additional Context
No response
Would you be willing to work on this feature?
Feature Description
It could be interesting to have an option (either by environment variable or config) to disable the default admin account if an external authentication provider is set with the
OIDC_MERGE_ACCOUNTSvariable.Since the users are authenticated externally, there's no need in this type of scenario to have an extra local admin account.
Problem It Solves
Having a specific local admin account for Arcane represents a form of security flaw and cannot be managed somewhere else than Arcane directly.
Proposed Solution
Add a configuration setting
DISABLE_INITIAL_ADMIN_CREATIONto allow to disable the creation of the default admin account.Alternatives Considered
No response
Additional Context
No response
Would you be willing to work on this feature?