While speaking with a colleague who works at a small company, he told me that they lost track of user rights management. They had an Excel table where they tracked all the user groups and special rights that users in the company have. But due to some changes in the company structure, they ran into problems.

Is there any self-hosted software to manage user groups, teams and user rights in a modern UI? It should also be able to set a data owner and so keep track of non-Active-Directory data.


  • moonpiedumplings@programming.dev
    5 hours ago
    1. Use an Identity Provider (IDP)*. Other people have mentioned LDAP, which can play this role.

    2. Use groups within the IDP to declare who has what privileges.

    3. Apps using the IDP for auth can read the groups and allow/deny permissions based on groups.

    *Or Identity and Access Management if you are in the cloud ig.

    For open source solutions, I would recommend:

    • Authentik (what I use)
    • Kanidm (doesn’t have web ui)
    • Nubus by Univention

    These three solutions all have invites, LDAP, and can act as OAuth providers (OAuth is single sign-on), which are the features I want. They are also integrated, including it all in the one app.

    There is also LLDAP, which is a web UI for LDAP, and then you could use a service that connects to that, like Authelia or Keycloak, to add OAuth on top.
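
Step 3 of the comment above (apps read the groups and allow or deny), sketched as an added example that is not part of the original comment or of any of the named projects. It assumes the token claims have already been signature-verified by the app's OIDC library and that groups arrive in a claim named `groups`; the group names, permission names and users are constructed.

```python
# Constructed policy: which IdP group grants which app permission.
# Group and permission names are hypothetical.
GROUP_PERMISSIONS = {
    "finance": {"invoices:read", "invoices:write"},
    "helpdesk": {"tickets:read", "tickets:write"},
    "auditors": {"invoices:read", "tickets:read"},
}

# Constructed, already-verified claims for three users.
ALICE = {"sub": "alice", "groups": ["finance", "unknown-group"]}
BOB = {"sub": "bob", "groups": ["helpdesk", "auditors"]}
CAROL = {"sub": "carol"}  # no groups claim at all


def groups_from_claims(claims):
    """Return group names from the claims; malformed input yields no groups."""
    raw = claims.get("groups", [])
    if isinstance(raw, str):  # tolerate a single string value
        raw = [raw]
    if not isinstance(raw, (list, tuple)):
        return frozenset()
    return frozenset(g for g in raw if isinstance(g, str))


def effective_permissions(claims):
    """Union of permissions over the user's groups; unknown groups grant nothing."""
    perms = set()
    for group in groups_from_claims(claims):
        perms |= GROUP_PERMISSIONS.get(group, set())
    return perms


def is_allowed(claims, permission):
    """Deny by default: allow only if some group explicitly grants it."""
    return permission in effective_permissions(claims)


def access_report(users):
    """Map permission -> sorted users, the view the spreadsheet used to hold."""
    report = {}
    for claims in users:
        for perm in effective_permissions(claims):
            report.setdefault(perm, []).append(claims["sub"])
    return {perm: sorted(names) for perm, names in sorted(report.items())}


if __name__ == "__main__":
    for perm, names in access_report([ALICE, BOB, CAROL]).items():
        print(perm, names)
```

Because rights are derived from group membership, a change in company structure becomes a group edit in the identity provider, and the report is regenerated instead of maintained by hand.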