github
/
nocodb
mirror of https://github.com/nocodb/nocodb
1
0
Fork 0
Code Issues Releases Wiki Activity
Browse Source

docs: OIDC okta, auth0

pull/7575/head
Raju Udava 10 months ago
parent
f598183a42
commit
2c2b6b81ad
2 changed files with 90 additions and 1 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 46
      packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/010.okta.md
  2. 43
      packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/020.auth0.md

46
packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/010.okta.md
Unescape View File

@ -4,3 +4,49 @@ description: 'Learn how to configure Okta as an identity provider for NocoDB.'
tags: ['SSO', 'Okta', 'OIDC']
keywords: ['SSO', 'Okta', 'OIDC', 'Authentication', 'Identity Provider']
---
This article briefs about the steps to configure Okta as Identity service provider for NocoDB
1. Enable `OIDC SSO` on NocoDB
- Go to `Account Settings` > `Authentication`
- Activate `OIDC` toggle button
2. Retrieve `Redirect URL` from NocoDB
- Go to `Account Settings` > `Authentication` > `OIDC`
- Note down `Redirect URL` ; these information will be required to be configured later with the Identity Provider
3. Sign in to your [Okta account](https://www.okta.com/) and navigate to the "Get started with Okta" page.
- Click on `Add App` for the Single Sign-On option.
- On the `Browse App Integration Catalog` page, select `Create New App`
4. In the pop-up with title `Create a new app integration`
- Choose `OIDC - OpenID Connect` as the Sign-in method
- Choose `Web Application` as the Application type
5. Go to `General Settings` on the `New Web App Integration` page
- Provide your application's name.
- From the Options in the `Grant type allowed` section, select `Authorization Code` and `Refresh Token`
- Add the `Redirect URL` under `Sign-in redirect URIs`.
- From the `Assignments section`, select an option from `Controlled access` to set up the desired accessibility configuration for this application.
- `Save`
6. On your new application,
- Go to the `General` tab
- Copy the `Client ID` and `Client Secret` from the `Client Credentials` section.
7. From `Account` dropdown in navigation bar
- Copy `Okta Domain`
8. Append "./well-known/openid-configuration" to the `Okta Domain` URL & access it
- Example: https://dev-123456.okta.com/.well-known/openid-configuration
- Copy `authorization_endpoint`, `token_endpoint`, `userinfo_endpoint` & `jwks_uri` from the JSON response
9. In NocoDB, open `Account Settings` > `Authentication` > `OIDC`
- Insert `Client ID` retrieved in step (6) above as `Client ID`
- Insert `Client Secret` retrieved in step (6) above as `Client Secret`
- Insert `authorization_endpoint` retrieved in step (8) above as `Authorization URL`
- Insert `token_endpoint` retrieved in step (8) above as `Token URL`
- Insert `userinfo_endpoint` retrieved in step (8) above as `Userinfo URL`
- Insert `jwks_uri` retrieved in step (8) above as `JWK Set URL`
- Set `Scope` as `openid` `profile` `email` `offline_access`
10. In the Username Attribute field, indicate the name of the claim that represents the user's email. The default value is set to "email."
For Sign-in's, user should be able to now see `Sign in with <SSO>` option.
:::note
Post sign-out, refresh page (for the first time) if you do not see `Sign in with <SSO>` option
:::
For information about Okta API Scopes, refer [here](https://developer.okta.com/docs/reference/api/oidc/#scopes)

43
packages/noco-docs/docs/140.account-settings/040.authentication/040.OIDC-SSO/020.auth0.md
Unescape View File

@ -1 +1,44 @@
---
title: 'Auth0'
description: 'Learn how to configure Auth0 as an identity provider for NocoDB.'
tags: ['SSO', 'Auth0', 'OIDC']
keywords: ['SSO', 'Auth0', 'OIDC', 'Authentication', 'Identity Provider']
---
This article briefs about the steps to configure Auth0 as Identity service provider for NocoDB
1. Enable `OIDC SSO` on NocoDB
- Go to `Account Settings` > `Authentication`
- Activate `OIDC` toggle button
2. Retrieve `Redirect URL` from NocoDB
- Go to `Account Settings` > `Authentication` > `OIDC`
- Note down `Redirect URL` ; these information will be required to be configured later with the Identity Provider
3. Access your [Auth0 account](https://auth0.com/)
- navigate to `Applications` > `Create Application`.
4. In the `Create Application` modal,
- choose `Regular Web Application`
- click `Create`
5. On Quick start screen, go to `Settings` tab
- Copy the `Client ID` and `Client Secret` from the `Basic Information` section.
6. Goto `Application URIs` section
- Add the `Redirect URL` copied from step(2) under `Allowed Callback URLs`.
- `Save Changes`
7. On the `Settings` tab, go to the `Advanced Settings` section and click on the `Endpoints` tab.
- Copy the `OAuth Authorization URL`, `OAuth Token URL`, `OAuth User Info URL` & `JSON Web Key Set URL`
8. In NocoDB, open `Account Settings` > `Authentication` > `OIDC`
- Insert `Client ID` retrieved in step (5) above as `Client ID`
- Insert `Client Secret` retrieved in step (5) above as `Client Secret`
- Insert `OAuth Authorization URL` retrieved in step (7) above as `Authorization URL`
- Insert `OAuth Token URL` retrieved in step (7) above as `Token URL`
- Insert `OAuth User Info URL` retrieved in step (7) above as `Userinfo URL`
- Insert `JSON Web Key Set URL` retrieved in step (7) above as `JWK Set URL`
- Set `Scope` as `openid` `profile` `email` `offline_access`
9. In the Username Attribute field, indicate the name of the claim that represents the user's email. The default value is set to "email."
For Sign-in's, user should be able to now see `Sign in with <SSO>` option.
:::note
Post sign-out, refresh page (for the first time) if you do not see `Sign in with <SSO>` option
:::
For information about Auth0 API Scopes, refer [here](https://auth0.com/docs/secure/tokens/refresh-tokens)
Write Preview
Loading…
Cancel
Save