You can connect Jellyfin to an SSO provider. It still needs work, and client support is lacking. Ideally I think it maybe should be built in rather than a plug-in (would definitely encourage more client support). But it exists.

https://github.com/9p4/jellyfin-plugin-sso

Feature request for oidc/sso:

https://features.jellyfin.org/posts/230/support-for-oidc-oauth-sso

As it stands, you could enable both the SSO and LDAP plugins, and let users do password resets entirely through your auth provider.

Basically, this is all stuff that comes with Plex out-of-the-box, but you sort of have to glue it together yourself with Jellyfin, and it’s not yet in an ideal state. Plex is much much easier to configure. I wouldn’t allow yourself to believe that Plex doing all this for you will make you totally secure through – there’s been multiple incidents with their auth, and IIRC the LastPass attacker pivoted from a weak Plex install. Just food for thought.

When I use the word “private” I mean that stores, for the most part, are not owned by the government. I am saying that laws related to private property apply in this situation.

Technically what we are talking about here is a private business open to the public. And we are specifically talking about non government here, since getting trespassed from public property is a bit different in some ways.

Yes, there are many laws that apply to a private business open to the public (ADA, civil rights, food safety, etc.).

But the store is still owned by a company or an individual. They have the right to determine who can be on their property and when, within the bounds of any other applicable laws.

For the most part my response was concerned with legalities, as you seem confident that a store could lose a lawsuit merely for trespassing an individual. It seems you are claiming that a private business does not have the legal right to trespass an individual?

I’m not questioning your ability to walk past receipt checkers without talking to them. I do the same thing.

I do not dispute that refusing to talk to the store makes things more difficult if their goal becomes trespassing you from their property. However, the store does not need your name to tell you that you’re not welcome on their property. If you return, you will be in violation of trespass law. The store also does not need your name to call the police and report a crime. In reality, yes, this is unlikely to happen to you, but it has certainly happened.

I am not attempting to put under scrutiny your ability to file in court the paperwork necessary for a lawsuit in the event that a store trespasses you.

My question is: what would be the legal basis for such a lawsuit?

If a private business decides to trespass you for any or no reason, what would be the basis of your lawsuit?

You are correct that you own the items after you purchase them, and the store has no right to stop you unless they are asserting shopkeeper’s privilege. For that, I believe they would need reasonable articulable suspicion just like any investigatory stop by law enforcement.

But at the same time, a private business has every right to ask you to leave for any reason at all, as long as they are not discriminating based on a protected class. They can tell you that you’re not welcome back, and if you return then you will almost certainly be breaking your state’s trespass law.

In reality, I don’t really see any store wanting to start the widespread trespassing of customers who are just walking out of a store with their purchased items (assuming no prior agreement with the store to stop or show receipt). It would be a big customer service risk on behalf of the store. However, it’s also untrue to say that just walking past a receipt checker is completely devoid of the risk of a store banning you.

To put it another way: you’re at a friend’s house, and he says you must stand on your head and sing the alphabet. You refuse. He has no legal way to compel you to comply. But he can ask you to leave his house and not come back. Your refusal to comply with his ridiculous alphabet related request is perfectly valid, but doing so can also bring some amount of risk that you’re no longer welcome.