|
1 | 1 | # Authentication
|
2 | 2 |
|
3 |
| -. |
| 3 | +``` |
| 4 | +Insert an overview of authentication, include |
| 5 | +
|
| 6 | +1. Who is authenticating into what |
| 7 | +2. Users that are able to set up authentication. |
| 8 | +3. Include a link to get more details about User roles, https://coder.com/docs/admin/users. |
| 9 | +4. When its important to set up Authentication, right after install? everytime a new user is added? When deploying to a new enviroment (dev, production)? |
| 10 | +
|
| 11 | +``` |
4 | 12 |
|
5 |
| -By default, Coder is accessible via password authentication. Coder does not |
| 13 | +> By default, Coder is accessible via password authentication. Coder does not |
6 | 14 | recommend using password authentication in production, and recommends using an
|
7 | 15 | authentication provider with properly configured multi-factor authentication
|
8 | 16 | (MFA). It is your responsibility to ensure the auth provider enforces MFA
|
9 | 17 | correctly.
|
10 | 18 |
|
11 |
| -The following steps explain how to set up GitHub OAuth or OpenID Connect. |
| 19 | +``` |
| 20 | +Depending on how long and distinct this information is, I'd recommend breaking the Authentication topic up into different pages to give readers information on how to set up the different Authentication methods. So, break up Password, Github, and OpenID Connect into seprate pages under Authentication heading and list the pages from most to least used or recommend authentication type. |
| 21 | +
|
| 22 | +Other sections to include in an Authentication section: |
| 23 | +* Any limitations or precautions to take if you change they Authentication method on a running platform |
| 24 | +
|
| 25 | +``` |
| 26 | + |
| 27 | +## Password authentication |
| 28 | + |
| 29 | +``` |
| 30 | +Add information about how password authentication works. Its mentioned in the note that recommends not to use password authentication in production, but the concept is never explained. |
| 31 | +``` |
| 32 | + |
12 | 33 |
|
13 | 34 | ## GitHub
|
14 | 35 |
|
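Review bot: The fenced blocks added at new lines 3-11, 19-25 and 29-31 are editorial instructions to the docs authors ("Insert an overview of authentication", "I'd recommend breaking the Authentication topic up"), not documentation, and as committed they would render to readers as code blocks. Move them to review comments or a tracking issue, or replace each with the content it asks for. The new "## Password authentication" heading at line 27 in particular has only a placeholder under it, so the warning against password authentication in production still has no explanation behind it. At new line 13 the `>` is added to the first line of the MFA warning only; lines 14-17 depend on lazy continuation to stay inside the quote, so prefixing each of them with `>` would be more robust. The sentence "The following steps explain how to set up GitHub OAuth or OpenID Connect." is dropped at old line 11 with no replacement lead-in before "## GitHub". Spelling in the added lines also needs a pass: "its" for "it's" (lines 9 and 30), "everytime", "enviroment", "seprate", "Github", and "they Authentication method".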
@@ -508,6 +529,10 @@ Below are some details specific to individual OIDC providers.
|
508 | 529 |
|
509 | 530 | ### Keycloak
|
510 | 531 |
|
| 532 | +``` |
| 533 | +Is there any testing or versioning that important to highlight for this information? Include a link to an related of set up docs for Keycloak. |
| 534 | +``` |
| 535 | +
|
511 | 536 | The access_type parameter has two possible values: "online" and "offline." By
|
512 | 537 | default, the value is set to "offline". This means that when a user
|
513 | 538 | authenticates using OIDC, the application requests offline access to the user's
|
|
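Review bot: The block added at new lines 532-534 is an open question to the docs owners wrapped in a code fence, placed between the "### Keycloak" heading and the access_type explanation, so it would be published as if it were Keycloak configuration. Either answer it in the text (state which Keycloak versions the guidance was tested against, if that is known, and link the Keycloak setup docs) or move the question to a review comment. The wording also needs fixing if it stays: "that important" should be "that is important", and "an related of set up docs" is garbled.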