forked from mystiq/dex
add docs for oauth connector
Signed-off-by: Rui Yang <ruiya@vmware.com>
This commit is contained in:
parent
930b331a5b
commit
fdf19e8014
2 changed files with 50 additions and 0 deletions
|
@ -80,6 +80,7 @@ Dex implements the following connectors:
|
||||||
| [Atlassian Crowd](https://dexidp.io/docs/connectors/atlassiancrowd/) | yes | yes | yes * | beta | preferred_username claim must be configured through config |
|
| [Atlassian Crowd](https://dexidp.io/docs/connectors/atlassiancrowd/) | yes | yes | yes * | beta | preferred_username claim must be configured through config |
|
||||||
| [Gitea](https://dexidp.io/docs/connectors/gitea/) | yes | no | yes | alpha | |
|
| [Gitea](https://dexidp.io/docs/connectors/gitea/) | yes | no | yes | alpha | |
|
||||||
| [OpenStack Keystone](https://dexidp.io/docs/connectors/keystone/) | yes | yes | no | alpha | |
|
| [OpenStack Keystone](https://dexidp.io/docs/connectors/keystone/) | yes | yes | no | alpha | |
|
||||||
|
| [Generic OAuth 2.0](https://dexidp.io/docs/connectors/oauth/) | no | yes | yes | beta |
|
||||||
|
|
||||||
Stable, beta, and alpha are defined as:
|
Stable, beta, and alpha are defined as:
|
||||||
|
|
||||||
|
|
49
docs/connectors/oauth.md
Normal file
49
docs/connectors/oauth.md
Normal file
|
@ -0,0 +1,49 @@
|
||||||
|
# Authentication using Generic OAuth 2.0 provider
|
||||||
|
|
||||||
|
## Overview
|
||||||
|
|
||||||
|
Dex users can make use of this connector to work with standards-compliant [OAuth 2.0](https://oauth.net/2/) authorization provider, in case of that authorization provider is not in the Dex connectors list.
|
||||||
|
|
||||||
|
## Configuration
|
||||||
|
|
||||||
|
The following is an example of a configuration for using OAuth connector with Reddit.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
connectors:
|
||||||
|
- type: oauth
|
||||||
|
# ID of OAuth 2.0 provider
|
||||||
|
id: reddit
|
||||||
|
# Name of OAuth 2.0 provider
|
||||||
|
name: reddit
|
||||||
|
config:
|
||||||
|
# Connector config values starting with a "$" will read from the environment.
|
||||||
|
clientID: $REDDIT_CLIENT_ID
|
||||||
|
clientSecret: $REDDIT_CLIENT_SECRET
|
||||||
|
redirectURI: http://127.0.0.1:5556/callback
|
||||||
|
|
||||||
|
tokenURL: https://www.reddit.com/api/v1/access_token
|
||||||
|
authorizationURL: https://www.reddit.com/api/v1/authorize
|
||||||
|
userInfoURL: https: https://www.reddit.com/api/v1/me
|
||||||
|
|
||||||
|
# Optional: Specify whether to communicate to Auth provider without validating SSL certificates
|
||||||
|
# insecureSkipVerify: false
|
||||||
|
|
||||||
|
# Optional: The location of file containing SSL certificates to commmunicate to Auth provider
|
||||||
|
# rootCAs: /etc/ssl/reddit.pem
|
||||||
|
|
||||||
|
# Optional: List of scopes to request Auth provider for access user account
|
||||||
|
# scopes:
|
||||||
|
# - identity
|
||||||
|
|
||||||
|
# Optional: Configurable keys for user id field look up
|
||||||
|
# Default: groups
|
||||||
|
# groupsKey:
|
||||||
|
|
||||||
|
# Optional: Configurable keys for name field look up
|
||||||
|
# Default: user_id
|
||||||
|
# userIDKey:
|
||||||
|
|
||||||
|
# Optional: Configurable keys for username field look up
|
||||||
|
# Default: user_name
|
||||||
|
# userNameKey:
|
||||||
|
```
|
Loading…
Reference in a new issue