Install authd and brokers for identity providers

This project consists of two components:

• authd: The authentication daemon responsible for managing access to the authentication mechanism.

• identity broker: The services that handle the interface with an identity provider. There can be several identity brokers installed and enabled on the system.

authd is delivered as a Debian package for Ubuntu Desktop and Ubuntu Server.

System requirements

• Ubuntu: Desktop or Server editions

• Release: 24.04 LTS or later

• Architectures: amd64, arm64

Install authd

On Ubuntu 26.04 LTS, authd is available directly from the Ubuntu archive.

Add PPA before installing on Ubuntu 24.04

On Ubuntu 24.04 LTS, authd must be installed from the stable PPA. Add the PPA before proceeding:

sudo add-apt-repository ppa:ubuntu-enterprise-desktop/authd

Install authd and any additional Debian packages needed for your system of choice:

Ubuntu Desktop

sudo apt install authd gnome-shell yaru-theme-gnome-shell

Ubuntu Server

sudo apt install authd

Install brokers

The brokers are provided as snap packages and are available from the Snap Store. Install the broker corresponding to the identity provider that you want to use:

Google IAM

To install the Google IAM broker, run the following command:

sudo snap install authd-google

At this stage, you have installed the main service and an identity broker to authenticate against Google IAM.

Microsoft Entra ID

To install the Microsoft Entra ID broker, run the following command:

sudo snap install authd-msentraid

At this stage, you have installed the main service and an identity broker to authenticate against Microsoft Entra ID.

Keycloak

Keycloak can be used with the generic OIDC broker. Install the broker with the following command:

sudo snap install authd-oidc

At this stage, you have installed the main service and an identity broker to authenticate against Keycloak or any other OIDC provider.