Commit 6e7d20
2024-02-16 02:25:37 Hargata Softworks: OIDC| /dev/null .. openid.md | |
| @@ 0,0 1,27 @@ | |
| + | # Authenticating via OpenID Connect |
| + | |
| + | Configure OpenID Connect(OIDC) for LubeLogger via the following environment variables |
| + | |
| + | ``` |
| + | OpenIDConfig__Name=Name of the OpenID Connect Provider |
| + | OpenIDConfig__ClientId=Client Id to Authenticate with the Provider |
| + | OpenIDConfig__ClientSecret=Client Secret to Authenticate with the Provider |
| + | OpenIDConfig__AuthURL=Authorization URL to the Provider's Login Page |
| + | OpenIDConfig__TokenURL=URL to retrieve user JWT from the Provider |
| + | OpenIDConfig__RedirectURL=https://<yourlubeloggerdomain.com>/Login/RemoteAuth(must be HTTPS) |
| + | OpenIDConfig__Scope=The scope for retrieving the user's email claim(usually it's just 'email') |
| + | ``` |
| + | |
| + | The following sample shows how to set up OIDC with Google as the provider |
| + | |
| + | ``` |
| + | OpenIDConfig__Name=Google |
| + | OpenIDConfig__ClientId=<your Google API Client Id>.apps.googleusercontent.com |
| + | OpenIDConfig__ClientSecret=<your Google API Client Password> |
| + | OpenIDConfig__AuthURL=https://accounts.google.com/o/oauth2/auth |
| + | OpenIDConfig__TokenURL=https://oauth2.googleapis.com/token |
| + | OpenIDConfig__RedirectURL=https://localhost:5011/Login/RemoteAuth |
| + | OpenIDConfig__Scope=email |
| + | ``` |
| + | |
| + | Once you have all these environment variables injected correctly, you should see the ability to login via your OIDC provider. Note: Currently LubeLogger only supports one OIDC provider. |