Kratos External Idp Integrator
- Identity Charmers
Channel | Revision | Published | Runs on |
---|---|---|---|
latest/edge | 259 | 19 Nov 2024 | |
0.2/stable | 192 | 26 Jun 2024 | |
0.2/edge | 192 | 01 May 2024 | |
0.1/edge | 182 | 15 Sep 2023 |
juju deploy kratos-external-idp-integrator --channel 0.1/edge
Deploy universal operators easily with Juju, the Universal Operator Lifecycle Manager.
Platform:
-
apple_private_key | string
The private key downloaded from Apple. To be used only with apple providers.
-
apple_private_key_id | string
The private key identifier generated by Apple. To be used only with apple providers.
-
apple_team_id | string
The Team ID provided by Apple. To be used only with apple providers.
-
client_id | string
The registered client_id
-
client_secret | string
The registered client_secret
-
enabled | boolean
Default: True
Controls whether the provider is enabled.
-
issuer_url | string
The issuer_url, this value is only used when provider is "generic" or "auth0"
-
jsonnet_mapper | string
The jsonnet mapper that will be used for mapping the external idp claims to kratos attributes. For example:
local claims = { email_verified: false, } + std.extVar('claims');
{ identity: { traits: { [if 'email' in claims && claims.email_verified then 'email' else null]: claims.email, [if 'name' in claims then 'name' else null]: claims.name, [if 'given_name' in claims then 'given_name' else null]: claims.given_name, [if 'family_name' in claims then 'family_name' else null]: claims.family_name, }, }, }
For more info see https://www.ory.sh/docs/kratos/reference/jsonnet.
-
microsoft_tenant_id | string
The Microsoft tenant_id. To be used only with microsoft providers.
-
provider | string
Default: generic
The provider name, must be one of the following: ["generic", "google", "facebook", "microsoft", "github", "apple", "gitlab", "auth0", "slack", "spotify", "discord", "twitch", "netid", "yandex", "vk", "dingtalk"]. Defaults to "generic"
-
provider_id | string
The provider's ID to be used in Kratos. The redirect_uri is generated based on this. You must not have 2 providers with the same ID registered in Kratos.
-
scope | string
Default: profile email address phone
Space separated list of allowed scopes for the provider.
-
secret_backend | string
Default: relation
The backend to use for passing sensitive information to Kratos.