Skip to content

docs: update external auth to better explain process #15970

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 4 commits into from
Jan 3, 2025
Merged

docs: update external auth to better explain process #15970

Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
b29859a
[docs] update external auth to better explain process
ChristopherJTrent Dec 28, 2024
5a8658d
add example to terraform snippet
ChristopherJTrent Dec 28, 2024
45ad599
Apply suggestions from code review
ChristopherJTrent Jan 2, 2025
92a6d37
manually integrate code-review suggestion
ChristopherJTrent Jan 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
32 changes: 29 additions & 3 deletions docs/admin/external-auth.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,21 +12,47 @@ application. The following providers are supported:
The next step is to configure the Coder server to use the OAuth application by
setting the following environment variables:

## Configuration

```env
CODER_EXTERNAL_AUTH_0_ID="<USER_DEFINED_ID>"
CODER_EXTERNAL_AUTH_0_TYPE=<github|gitlab|azure-devops|bitbucket-cloud|bitbucket-server|etc>
CODER_EXTERNAL_AUTH_0_CLIENT_ID=xxxxxx
CODER_EXTERNAL_AUTH_0_CLIENT_SECRET=xxxxxxx
CODER_EXTERNAL_AUTH_0_CLIENT_ID=<OAuth app client ID>
CODER_EXTERNAL_AUTH_0_CLIENT_SECRET=<OAuth app client secret>

# Optionally, configure a custom display name and icon
CODER_EXTERNAL_AUTH_0_DISPLAY_NAME="Google Calendar"
CODER_EXTERNAL_AUTH_0_DISPLAY_ICON="https://mycustomicon.com/google.svg"
```

The `CODER_EXTERNAL_AUTH_0_ID` environment variable is used for internal
reference. Therefore, it can be set arbitrarily (e.g., `primary-github` for your
GitHub provider).

You can now add the following code to any template. This will add a button to the workspace setup page which will allow you to authenticate with your provider.

```tf
data "coder_external_auth" "<github|gitlab|azure-devops|bitbucket-cloud|bitbucket-server|etc>" {
id = "<USER_DEFINED_ID>"
}

# Github Example (CODER_EXTERNAL_AUTH_0_ID="github-auth")
# makes a github authentication token available at data.coder_external_auth.github.access_token
data "coder_external_auth" "github" {
id = "github-auth"
}

```

Inside your terraform code, you now have access to authentication variables. Reference the documentation for your chosen provider for more information on how to supply it with a token.

### Workspace CLI
An access token can be accessed within the workspace by using

```
coder external-auth <USER_DEFINED_ID> access-token
```


## GitHub

> If you don't require fine-grained access control, it's easier to configure a
Expand Down
Loading