This repository has been archived on 2022-08-17. You can view files and clone it, but cannot push or open issues or pull requests.
dex/Documentation/connectors/atlassian-crowd.md
2020-02-05 12:40:49 +04:00

1.7 KiB

Authentication through Atlassian Crowd

Overview

Atlassian Crowd is a centralized identity management solution providing single sign-on and user identity.

Current connector uses request to Crowd REST API endpoints:

  • /user - to get user-info
  • /session - to authenticate the user

Offline Access scope support provided with a new request to user authentication and user info endpoints.

Configuration

To start using the Atlassian Crowd connector, firstly you need to register an application in your Crowd like specified in the docs.

The following is an example of a configuration for dex examples/config-dev.yaml:

connectors:
- type: atlassian-crowd
  # Required field for connector id.
  id: crowd
  # Required field for connector name.
  name: Crowd
  config:
    # Required field to connect to Crowd.
    baseURL: https://crowd.example.com/crowd
    # Credentials can be string literals or pulled from the environment.
    clientID: $ATLASSIAN_CROWD_APPLICATION_ID
    clientSecret: $ATLASSIAN_CROWD_CLIENT_SECRET
    # Optional groups whitelist, communicated through the "groups" scope.
    # If `groups` is omitted, all of the user's Crowd groups are returned when the groups scope is present.
    # If `groups` is provided, this acts as a whitelist - only the user's Crowd groups that are in the configured `groups` below will go into the groups claim.  
    # Conversely, if the user is not in any of the configured `groups`, the user will not be authenticated.
    groups:
    - my-group
    # Prompt for username field.
    usernamePrompt: Login