7dc3dfe5cb
Revert configurable DCR token expiration ( #31278 )
...
Signed-off-by: benjdlambert <ben@blam.sh >
2026-02-17 17:07:24 +01:00
31de2c9b3a
feat(auth-backend): add experimental CIMD support ( #32307 )
...
Signed-off-by: benjdlambert <ben@blam.sh >
2026-02-17 17:00:49 +01:00
d0786b968e
auth-backend: add experimental refresh token support ( #32695 )
...
* auth-backend: add experimental refresh token support
Signed-off-by: benjdlambert <ben@blam.sh >
* auth-backend: refresh token review fixes
Signed-off-by: benjdlambert <ben@blam.sh >
* auth-backend: address PR review feedback for refresh tokens
Signed-off-by: benjdlambert <ben@blam.sh >
---------
Signed-off-by: benjdlambert <ben@blam.sh >
2026-02-10 17:00:51 +01:00
51ff7d8e46
feat(auth): allow configuring DCR token expiration
...
this adds a new config value for exprimental dynamic client registration
feature that allows configuring the token expiration.
added also missing config values to the config schema for this feature.
Signed-off-by: Hellgren Heikki <heikki.hellgren@op.fi >
2025-10-14 16:31:09 +03:00
0d606aca23
auth-backend: add omitIdentityTokenOwnershipClaim flag
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2025-04-24 01:24:50 +02:00
d72da5ec19
removed all project references
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2025-04-15 21:42:24 +02:00
25d05f9d89
move the auth.backstageTokenExpiration key
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2025-04-15 16:52:04 +02:00
d52d7f9935
implement support for string form human durations in config
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-11-17 23:06:26 +01:00
9f974a05da
fix: Tidy auth-backend config.d.ts
...
Signed-off-by: Jack Palmer <jackpalmer@spotify.com >
2024-05-03 15:49:53 +01:00
c26218d351
extract the cloudflare access auth provider
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-04-14 11:39:33 +02:00
4ba7447847
Update plugins/auth-backend/config.d.ts
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2024-02-26 16:38:20 +01:00
0d1ad9faf9
PR feedback: change structure of serviceTokens config
...
Signed-off-by: Tyler Davis <tylerd@canva.com >
2024-02-22 17:20:55 +11:00
425488bac5
Updated to be string[]
...
Signed-off-by: Andre Wanlin <awanlin@spotify.com >
2024-02-10 14:42:54 -06:00
bd29b2870b
Added experimentalExtraAllowedOrigins to config
...
Signed-off-by: Andre Wanlin <awanlin@spotify.com >
2024-02-10 12:33:55 -06:00
3a00dc56a5
Merge pull request #21993 from Ericsson/configuration_token_expiry
...
Ability for Users to configure auth token expiration [19341]
2024-02-03 12:58:56 +01:00
d80c311f6b
Merge pull request #22208 from Bonial-International-GmbH/pjungermann/auth-ms
...
auth-backend: use externalized microsoft auth implementation again
2024-01-21 21:11:17 +01:00
5d2fcba064
PR chores, changeset,apireport
...
Signed-off-by: Ruben Vallejo <rvallejo@vmware.com >
2024-01-17 18:50:17 -05:00
8e8a25dba5
Ability for Users to configure auth token expiration [19341]
...
Signed-off-by: Andy Muldoon <andy.muldoon@ericsson.com >
2024-01-12 12:55:21 +00:00
a3f1fa30f5
auth-backend: use externalized microsoft auth implementation again
...
This reverts commit 96c4f54bf6#20706 fixed the issues that required
the revert of the implementation.
Relates-to: PR #20706
Relates-to: PR #20732
Relates-to: PR #20734
Relates-to: PR #20120
Relates-to: PR #22184
Signed-off-by: Patrick Jungermann <Patrick.Jungermann@gmail.com >
2024-01-12 02:20:16 +01:00
f7e10a7510
Initial commit
...
Signed-off-by: Josh Uvi <joshuauvbiekpahor@gmail.com >
2023-11-15 15:20:16 +00:00
812700e590
Merge pull request #20580 from ataylorme/feat/okta-auth-scope-option
...
Allow user-defined scopes for Okta auth in config yaml
2023-11-14 11:45:20 +01:00
8466307819
Use additionalScopes for Okta auth instead of overriding scope entirely
...
Signed-off-by: ataylorme <andrew@ataylor.me >
2023-10-26 05:36:02 -07:00
664e86f7f9
Merge pull request #19649 from rtriesscheijn/feature/fixed-token-issuer
...
feature(auth-backend): add a stable token issuer
2023-10-24 11:58:13 +02:00
96c4f54bf6
auth-backend: revert microsoft auth implementation
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-10-23 12:25:17 +02:00
bdf08ad04a
feat: add static token issuer
...
Signed-off-by: rtriesscheijn <rtriesscheijn@bol.com >
2023-10-16 10:48:48 +02:00
2d8f7e82c1
auth-backend: migrate microsoft provider to separate module
...
Signed-off-by: Chris Gemmell <chris.gemmell8@gmail.com >
2023-09-23 15:26:40 +10:00
080cc77947
auth-backend: migrate gitlab provider to separate module
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-22 13:44:42 +02:00
7944d43f47
auth-backend: add plugin export for new backend system
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2023-08-18 15:06:41 +02:00
bb70a9c388
chore: add frontend visibility to provider objects in auth config
...
Signed-off-by: djamaile <rdjamaile@gmail.com >
2023-08-02 12:09:46 +02:00
9dad4b0e61
Config validation clean up
...
Signed-off-by: Andre Wanlin <67169551+awanlin@users.noreply.github.com >
2023-07-28 14:52:35 -05:00
473db605a4
Enable strict checking of config during CLI.
...
Signed-off-by: Aramis Sennyey <sennyeya@amazon.com >
2023-05-09 10:04:10 -04:00
0b5febcd75
Make callbackUrl optional.
...
Signed-off-by: Aramis Sennyey <sennyeya@amazon.com >
2023-03-16 17:36:39 -04:00
19a0d5b429
Add additional auth backend props and limit visibility.
...
Signed-off-by: Aramis Sennyey <sennyeya@amazon.com >
2023-03-06 17:03:42 -05:00
3cedfd8365
add Cloudflare Access authentication provider
...
Signed-off-by: Renlord Yang <renlord@cloudflare.com >
Signed-off-by: Renlord Yang <me@renlord.com >
2022-07-14 22:54:26 +08:00
de231e5b06
declare the oauth2proxy clientSecret a secret
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2022-04-05 15:47:35 +02:00
3e0e2f09d5
auth-backend: add forwarding of the SAML audience option
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2021-11-09 16:25:34 +01:00
34da1574a3
auth-backend: rename postgres keystore provider to database
...
Signed-off-by: Patrik Oldsberg <poldsberg@gmail.com >
2021-10-21 13:48:49 +02:00
b294f6056f
Wrap operations in a configurable timeout and add method to verify the database connection
...
Signed-off-by: Marcus Eide <eide@spotify.com >
2021-10-19 16:42:40 +02:00
33b9694f5c
Add support for more settings
...
Signed-off-by: Marcus Eide <eide@spotify.com >
2021-10-15 10:38:50 +02:00
d8ea1edcdb
Add support for auth.keyStore in application config
...
Signed-off-by: Marcus Eide <eide@spotify.com >
2021-10-15 10:37:56 +02:00
e9b9272865
added new params to the config schema
...
Signed-off-by: gracheva <gracheva@tutu.tech >
2021-10-07 16:50:28 +03:00
19f45179a5
Bump passport-saml to version 3
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2021-08-31 16:47:00 +02:00
cd0a49fd6b
chore: tidying up a little bit ready for release
...
Signed-off-by: blam <ben@blam.sh >
2021-07-29 10:13:25 +02:00
04be344a8f
Set acceptedClockSkewMs SAML configuration optional
...
Signed-off-by: Stéphane MORI <stephane.mori@gmail.com >
2021-07-28 09:37:37 +02:00
6192b5e1c7
Allow to configure SAML auth acceptedClockSkewMs
...
Signed-off-by: Stéphane MORI <stephane.mori@gmail.com >
2021-07-28 09:37:37 +02:00
a88073c29a
Update copyright headers
...
Signed-off-by: Fredrik Adelöw <freben@gmail.com >
2021-06-18 20:26:42 +02:00
67f66c2962
Fix auth environment type; GitLab audience optional
...
Signed-off-by: Tim Hansen <timbonicus@gmail.com >
2021-03-24 15:47:17 -06:00
9c302e39bf
incorrectly added callbackUrl
2021-02-09 15:01:46 -05:00
07bafa248e
Add configurable OAuth 2.0 scopes
...
- Add oauth2 config for optional scopes
- Document oauth2 config keys
- Add OAuth2 to demo app list of identity providers
2021-02-09 14:50:20 -05:00
da8b9ef1d8
add fields to config type for aws-alb provider
2021-01-26 11:41:41 -08:00
benjdlambert