OAuth2
|
Note
|
This page is marked as "earlydoc", which means that it more of a collection of notes and an early draft before this page turns into good documentation later on. It is hoped that this early form of documentation is useful to you, but please understand that most documentation pages are higher quality than this. If you have suggestions or comments, please do get in contact or consider contributing your suggestions to the OliveTin documentation. |
OliveTin supports OAuth2 for login with any OAuth2 compliant provider.
At the moment, username fetching is only supported on GitHub. More will be added soon, probably with the addition of OpenID Connect support.
authOAuth2RedirectUrl: http://localhost:1337/oauth/callback
authOAuth2Providers:
github:
clientId: 1234567890
clientSecret: 1234567890Provider configuration
-
name- a "simple name" for the provider, used in the login redirect and internally in OliveTin, e.g.github -
title- the human-readable name of the provider, e.g.GitHub -
clientId- the client ID provided by the OAuth2 provider -
clientSecret- the client secret provided by the OAuth2 provider -
icon- the icon to use for the provider. Accepts any HTML, e.g.<iconify-icon icon="simple-icons:authentik"></iconify-icon> -
scopes- a list of scopes to request. -
authUrl- the URL to redirect to for authentication -
tokenUrl- the URL to exchange the code for a token -
whoamiUrl- the URL to fetch user information from -
usernameField- the field in the user information response to use as the username -
userGroupField- the field in the user information response to use as the group. This is a string containing one group name, e.g.olivetin_group -
certBundlePath- the path to a certificate to add to the truststore for authentication requests, e.g./certs/internal.crt -
insecureSkipVerify- a boolean to disable certificate verfication -
connectTimeout- an integer for seconds until the request will timeout, e.g.10