From fdf19e8014ae309f1cece9529b9354234d3bb459 Mon Sep 17 00:00:00 2001 From: Rui Yang Date: Fri, 31 Jul 2020 14:25:28 -0400 Subject: [PATCH] add docs for oauth connector Signed-off-by: Rui Yang --- README.md | 1 + docs/connectors/oauth.md | 49 ++++++++++++++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 docs/connectors/oauth.md diff --git a/README.md b/README.md index 6ae2a7b0..2598f0c8 100644 --- a/README.md +++ b/README.md @@ -80,6 +80,7 @@ Dex implements the following connectors: | [Atlassian Crowd](https://dexidp.io/docs/connectors/atlassiancrowd/) | yes | yes | yes * | beta | preferred_username claim must be configured through config | | [Gitea](https://dexidp.io/docs/connectors/gitea/) | yes | no | yes | alpha | | | [OpenStack Keystone](https://dexidp.io/docs/connectors/keystone/) | yes | yes | no | alpha | | +| [Generic OAuth 2.0](https://dexidp.io/docs/connectors/oauth/) | no | yes | yes | beta | Stable, beta, and alpha are defined as: diff --git a/docs/connectors/oauth.md b/docs/connectors/oauth.md new file mode 100644 index 00000000..b4a5e9a5 --- /dev/null +++ b/docs/connectors/oauth.md @@ -0,0 +1,49 @@ +# Authentication using Generic OAuth 2.0 provider + +## Overview + +Dex users can make use of this connector to work with standards-compliant [OAuth 2.0](https://oauth.net/2/) authorization provider, in case of that authorization provider is not in the Dex connectors list. + +## Configuration + +The following is an example of a configuration for using OAuth connector with Reddit. + +```yaml +connectors: +- type: oauth + # ID of OAuth 2.0 provider + id: reddit + # Name of OAuth 2.0 provider + name: reddit + config: + # Connector config values starting with a "$" will read from the environment. + clientID: $REDDIT_CLIENT_ID + clientSecret: $REDDIT_CLIENT_SECRET + redirectURI: http://127.0.0.1:5556/callback + + tokenURL: https://www.reddit.com/api/v1/access_token + authorizationURL: https://www.reddit.com/api/v1/authorize + userInfoURL: https: https://www.reddit.com/api/v1/me + + # Optional: Specify whether to communicate to Auth provider without validating SSL certificates + # insecureSkipVerify: false + + # Optional: The location of file containing SSL certificates to commmunicate to Auth provider + # rootCAs: /etc/ssl/reddit.pem + + # Optional: List of scopes to request Auth provider for access user account + # scopes: + # - identity + + # Optional: Configurable keys for user id field look up + # Default: groups + # groupsKey: + + # Optional: Configurable keys for name field look up + # Default: user_id + # userIDKey: + + # Optional: Configurable keys for username field look up + # Default: user_name + # userNameKey: +``` \ No newline at end of file