Rok Registry Authentication¶
This guide will walk you through configuring external OIDC providers for authentication in Rok Registry. From now on, we will refer to these providers as social providers.
Below you can find a list of the configuration settings for social providers.
|name||String||A user-friendly name for the provider. This value is displayed in the login page of Rok Registry.|
|type||String||The type of this provider. The value of this field will determine the
default values that will be used for the optional fields. Currently,
|client_id||String||The client ID given by the social provider when registering the application.|
|client_secret||String||The client secret given by the social provider when registering the application.|
|issuer_root_endpoint||String||The endpoint for the OIDC discovery mechanism. This field is optional.|
|authorization_endpoint token_endpoint userinfo_endpoint||String||The endpoints to perform the OIDC code authentication flow and retrieve information about the authenticated user. If no issuer root endpoint is given, then these three endpoints must be defined.|
|mapping||Dictionary||Mapping between the social provider claims and the standard OIDC claims. This field is optional.|
|scopes||List of strings||The scopes Rok Registry will request when authenticating the user with the external provider. This field is optional. The 'openid' scope is implied.|
|assume_email_verified||Boolean||Whether to assume that the user email is verified. This should be set to true when the social provider doesn't support email verification. This field is optional.|
You have successfully configured social providers in Rok Registry for authenticating your users.