With some pointing in the right direction help, I got #Matrix authentication working with OpenIDConnect #OIDC. Pretty neat. Yet, it only works well for new accounts to be created.
I want to create a key to access all services I provide. That's especially useful for school etc. to have an AD-like SSO service. Nobody wants to have separate credentials to various services.
For now, first step done and ready to keeping on track.
@tobi I thought about that for my privately hosted services, but with a password manager in use the benefits are minimal and different credentials for different services might prevent some leaks.