We have website/webshops of bussiness suppliers where our employees have to login with a shared user/password and order products. These websites contain internal confidential information.
As these suppliers do not have the possability to create a user account for each of our employees, I am looking for a way to add a proxy IDP infront of the website where our employees can sign-in with their SSO credentials and the proxy will foreward them to the suppliers website and the proxy will post the stored credentials so the employee is loged-in without knowing the credentials.
Like this I don‘t have to share the credentials that could potentially leave the company and I could only allow users to access the proxy from the internal network
I looked into Auth0, Okta and Authentik but only ever found the way to add a proxy infront of a unsecured external/foreign application. Closest is Authetik with authentication proxy for basic authetication.
Update: Okta offers SWA - Secure Web Authentication. Exactly what we need. But Okta's pricing schema seems to be a little off for a startup with 5 employees. Is there any know alternatives, Preferably OpenSource and self hostable.