diff --git a/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/010.okta.md b/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/010.okta.md index b674299966..002d93b46e 100644 --- a/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/010.okta.md +++ b/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/010.okta.md 
@@ -3,4 +3,50 @@ title: 'Okta' description: 'Learn how to configure Okta as an identity provider for NocoDB.' tags: ['SSO', 'Okta', 'OIDC'] keywords: ['SSO', 'Okta', 'OIDC', 'Authentication', 'Identity Provider'] ---- \ No newline at end of file +--- + +This article briefs about the steps to configure Okta as Identity service provider for NocoDB + +1. Enable `OIDC SSO` on NocoDB + - Go to `Account Settings` > `Authentication` + - Activate `OIDC` toggle button +2. Retrieve `Redirect URL` from NocoDB + - Go to `Account Settings` > `Authentication` > `OIDC` + - Note down `Redirect URL` ; these information will be required to be configured later with the Identity Provider +3. Sign in to your [Okta account](https://www.okta.com/) and navigate to the "Get started with Okta" page. + - Click on `Add App` for the Single Sign-On option. + - On the `Browse App Integration Catalog` page, select `Create New App` +4. In the pop-up with title `Create a new app integration` + - Choose `OIDC - OpenID Connect` as the Sign-in method + - Choose `Web Application` as the Application type +5. Go to `General Settings` on the `New Web App Integration` page + - Provide your application's name. + - From the Options in the `Grant type allowed` section, select `Authorization Code` and `Refresh Token` + - Add the `Redirect URL` under `Sign-in redirect URIs`. + - From the `Assignments section`, select an option from `Controlled access` to set up the desired accessibility configuration for this application. + - `Save` +6. On your new application, + - Go to the `General` tab + - Copy the `Client ID` and `Client Secret` from the `Client Credentials` section. +7. From `Account` dropdown in navigation bar + - Copy `Okta Domain` +8. Append "./well-known/openid-configuration" to the `Okta Domain` URL & access it + - Example: https://dev-123456.okta.com/.well-known/openid-configuration + - Copy `authorization_endpoint`, `token_endpoint`, `userinfo_endpoint` & `jwks_uri` from the JSON response +9. 
In NocoDB, open `Account Settings` > `Authentication` > `OIDC` + - Insert `Client ID` retrieved in step (6) above as `Client ID` + - Insert `Client Secret` retrieved in step (6) above as `Client Secret` + - Insert `authorization_endpoint` retrieved in step (8) above as `Authorization URL` + - Insert `token_endpoint` retrieved in step (8) above as `Token URL` + - Insert `userinfo_endpoint` retrieved in step (8) above as `Userinfo URL` + - Insert `jwks_uri` retrieved in step (8) above as `JWK Set URL` + - Set `Scope` as `openid` `profile` `email` `offline_access` +10. In the Username Attribute field, indicate the name of the claim that represents the user's email. The default value is set to "email." + +For Sign-in's, user should be able to now see `Sign in with ` option. + +:::note +Post sign-out, refresh page (for the first time) if you do not see `Sign in with ` option +::: + +For information about Okta API Scopes, refer [here](https://developer.okta.com/docs/reference/api/oidc/#scopes) \ No newline at end of file diff --git a/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/020.auth0.md b/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/020.auth0.md index ed97d539c0..df155f5151 100644 --- a/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/020.auth0.md +++ b/packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/020.auth0.md 
@@ -1 +1,44 @@ --- +title: 'Auth0' +description: 'Learn how to configure Auth0 as an identity provider for NocoDB.' +tags: ['SSO', 'Auth0', 'OIDC'] +keywords: ['SSO', 'Auth0', 'OIDC', 'Authentication', 'Identity Provider'] +--- + +This article briefs about the steps to configure Auth0 as Identity service provider for NocoDB + +1. Enable `OIDC SSO` on NocoDB + - Go to `Account Settings` > `Authentication` + - Activate `OIDC` toggle button +2. Retrieve `Redirect URL` from NocoDB + - Go to `Account Settings` > `Authentication` > `OIDC` + - Note down `Redirect URL` ; these information will be required to be configured later with the Identity Provider +3. Access your [Auth0 account](https://auth0.com/) + - navigate to `Applications` > `Create Application`. +4. In the `Create Application` modal, + - choose `Regular Web Application` + - click `Create` +5. On Quick start screen, go to `Settings` tab + - Copy the `Client ID` and `Client Secret` from the `Basic Information` section. +6. Goto `Application URIs` section + - Add the `Redirect URL` copied from step(2) under `Allowed Callback URLs`. + - `Save Changes` +7. On the `Settings` tab, go to the `Advanced Settings` section and click on the `Endpoints` tab. + - Copy the `OAuth Authorization URL`, `OAuth Token URL`, `OAuth User Info URL` & `JSON Web Key Set URL` +8. In NocoDB, open `Account Settings` > `Authentication` > `OIDC` + - Insert `Client ID` retrieved in step (5) above as `Client ID` + - Insert `Client Secret` retrieved in step (5) above as `Client Secret` + - Insert `OAuth Authorization URL` retrieved in step (7) above as `Authorization URL` + - Insert `OAuth Token URL` retrieved in step (7) above as `Token URL` + - Insert `OAuth User Info URL` retrieved in step (7) above as `Userinfo URL` + - Insert `JSON Web Key Set URL` retrieved in step (7) above as `JWK Set URL` + - Set `Scope` as `openid` `profile` `email` `offline_access` +9. 
In the Username Attribute field, indicate the name of the claim that represents the user's email. The default value is set to "email." + +For Sign-in's, user should be able to now see `Sign in with ` option. + +:::note +Post sign-out, refresh page (for the first time) if you do not see `Sign in with ` option +::: + +For information about Auth0 API Scopes, refer [here](https://auth0.com/docs/secure/tokens/refresh-tokens) \ No newline at end of file
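Review bot: In 010.okta.md step 8, the path to append is written as "./well-known/openid-configuration", with the dot before the slash, while the example on the next line uses the correct form `/.well-known/openid-configuration`. An admin who follows the instruction text literally gets a URL that does not resolve to the discovery document; suggest changing the step to `Append "/.well-known/openid-configuration" to the Okta Domain URL`. Two smaller points in the same hunk: "Sign in with ` option" (in the sentence and in the note) reads as if a provider-name placeholder was dropped inside the backticks, and "these information" in step 2 should be "this information". The file also still ends without a trailing newline.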
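Review bot: In 020.auth0.md the closing line says "For information about Auth0 API Scopes, refer here" but the link target is https://auth0.com/docs/secure/tokens/refresh-tokens, which is a refresh-token page rather than a scopes reference; either point the link at Auth0's scopes documentation or reword the sentence to say it covers refresh tokens. Related: step 8 sets `offline_access` in `Scope`, yet unlike the Okta page (which selects `Refresh Token` under `Grant type allowed`) no step here says whether anything must be enabled on the Auth0 application for refresh tokens, so add that step or a sentence stating none is needed. Minor wording: "Goto" in step 6 should be "Go to", "step(2)" needs a space, and "Sign in with ` option" appears to be missing the provider name inside the backticks. The file still ends without a trailing newline.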