author | Joao Cardoso <car12o@users.noreply.github.com> | 2024-04-30 17:13:08 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-30 19:13:08 +0300 |
commit | 9f0820aa66b99220d3465966a44143d450d2f7e5 (patch) | |
tree | 2d9a8ff99f9d43fe4477452a9b41479377419081 /integrations | |
parent | a03b52a4dede68d5a5471c493e1b3a6bc53e80ff (diff) |
Add OIDC docs (#17557)
* feat: add OIDC docs
* Update integrations/cloud-authentication/metadata.yaml
Co-authored-by: Hugo Valente <82235632+hugovalente-pm@users.noreply.github.com>
* Update integrations/cloud-authentication/metadata.yaml
Co-authored-by: Hugo Valente <82235632+hugovalente-pm@users.noreply.github.com>
---------
Co-authored-by: Hugo Valente <82235632+hugovalente-pm@users.noreply.github.com>
Diffstat (limited to 'integrations')
-rw-r--r-- | integrations/cloud-authentication/metadata.yaml | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/integrations/cloud-authentication/metadata.yaml b/integrations/cloud-authentication/metadata.yaml index 502c8fc668..49e6032657 100644 --- a/integrations/cloud-authentication/metadata.yaml +++ b/integrations/cloud-authentication/metadata.yaml 
@@ -47,3 +47,58 @@ ### SP-initiated SSO If you start your authentication flow from Netdata sign-in page please check [these steps](https://github.com/netdata/netdata/blob/master/docs/netdata-cloud/enterprise-sso-authentication.md#from-netdata-sign-up-page). + +- id: 'oidc-authentication' + meta: + name: 'OIDC' + link: 'https://netdata.cloud' + categories: + - auth + icon_filename: 'openid.svg' + keywords: + - sso + - oidc + overview: + authentication_description: "Integrate your organization's Authorization Servers with Netdata to better manage your team's access controls to Netdata Cloud." + authentication_limitations: '' + setup: + description: | + ### Prerequisites + - Authorization Server with OIDC protocol supported + - A Netdata Cloud account + - Access to the Space as an administrator + - Space needs to be on the Business plan or higher + + ### Setting up Authorization Server + Your server should follow the [full specification for OIDC](https://openid.net/specs/openid-connect-core-1_0.html). + In order to integrate your Authorization Server with Netdata the creation of a client is required. Clients are applications and services that can request authentication of a user. + The access settings for your client are the following: + | field | value | + | :-- | :-- | + | Root URL | https://app.netdata.cloud/ | + | Home/Initiate login URL | https://app.netdata.cloud/api/v2/auth/account/auth-server?iss={your-server-issuer-url}&redirect_uri=https://app.netdata.cloud/sign-in®ister_uri=https://app.netdata.cloud/sign-up/verify | + | Redirect URL | https://app.netdata.cloud/api/v2/auth/account/auth-server/callback | + + ### Netdata Configuration Steps + 1. Click on the Space settings cog (located above your profile icon) + 2. Click on the **Authentication** tab + 3. On the OIDC card, click on **Configure** + 4. Fill in the required credentials: + - **Issuer URL** the Authorization Server Issuer URL, e.g. 
`https://my-auth-server.com/` + - **Client ID** the Client ID from the created client + - **Client Secret** the Client Secret from the created client + - **Authorization URL** the Authorization Server authorization URL, e.g. `https://my-auth-server.com/openid-connect/auth` + - **Token URL** the Authorization Server token URL, e.g. `https://my-auth-server.com/openid-connect/token` + - **User URL** the Authorization Server user info URL, e.g. `https://my-auth-server.com/openid-connect/userinfo` + + ### Supported features + * SP-initiated SSO (Single Sign-On) + * IdP-initiated SSO + + ### SP-initiated SSO + + If you start your authentication flow from Netdata sign-in page please check [these steps](https://github.com/netdata/netdata/blob/master/docs/netdata-cloud/enterprise-sso-authentication.md#from-netdata-sign-up-page). + + + ### Reference + https://openid.net/developers/how-connect-works/ |
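Review bot: In the "Fill in the required credentials" list under "Netdata Configuration Steps", the example Issuer URL `https://my-auth-server.com/` ends with a trailing slash, but nothing says whether the value must match the server's issuer exactly. OIDC compares the `iss` value as an exact string, so the docs should state that the Issuer URL has to be entered exactly as the Authorization Server publishes it, and that the same value goes into `iss={your-server-issuer-url}` in the "Home/Initiate login URL" row. Two smaller points in the same hunk: each bold field name runs straight into its description (`**Client ID** the Client ID from the created client`), so a colon after the name would read better; and "Supported features" lists IdP-initiated SSO, yet only SP-initiated SSO gets a section, and that section says "sign-in page" while its link anchor is `#from-netdata-sign-up-page`.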