Edit docs for server.oidc_authentication.autologin cluster setting
#18384
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
✅ Deploy Preview for cockroachdb-api-docs canceled.
|
✅ Deploy Preview for cockroachdb-interactivetutorials-docs canceled.
|
✅ Netlify Preview
To edit notification comments on pull requests, go to your Netlify site configuration. |
florence-crl
approved these changes
May 6, 2024
src/current/v24.1/sso-db-console.md
Outdated
| @@ -76,7 +76,7 @@ You must configure the [cluster settings]({% link {{ page.version.version }}/clu | |||
| | `server.oidc_authentication.scopes` | A space-delimited list of the [OAuth scopes](https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims) being requested for an Access Token. The `openid` and `email` scopes must be included.<br>**Example:** `openid profile email`. | |||
| | `server.oidc_authentication.claim_json_key` | The field/key used to identify the user from the external identity provider's [ID Token](https://openid.net/specs/openid-connect-core-1_0.html#IDToken). | |||
| | `server.oidc_authentication.principal_regex` | Regex used to map the external identity key to a SQL user. For example: `^([^@]+)@[^@]+$` matches any email address (defined as a string containing one `@` sign) and extracts a username from the string to the left of `@`, whereas `^(.+)$` maps the claim directly to a principal. | |||
| | `server.oidc_authentication.autologin` | Must be set to `true`. | |||
| | `server.oidc_authentication.autologin` | A Boolean that enables or disables automatic login with SSO when the DB Console is loaded. If set to false, the user will have to click "Login with OIDC" before they're authenticated. | |||
There was a problem hiding this comment.
Suggested change
| | `server.oidc_authentication.autologin` | A Boolean that enables or disables automatic login with SSO when the DB Console is loaded. If set to false, the user will have to click "Login with OIDC" before they're authenticated. | |
| | `server.oidc_authentication.autologin` | A Boolean that enables or disables automatic login with SSO when the DB Console is loaded. If set to `false` (the default), the user will have to click **Login with OIDC** before they're authenticated. |
There was a problem hiding this comment.
Done. Also added a setting which I realized was missing and ported changes to last 2 versions.
The `server.oidc_authentication.autologin` setting is not required to be `true` and can be set based on customer preference. Added docs for the `server.oidc_authentication.button_text` setting which has existed for all supported versions.
dhartunian
force-pushed
the
dhartunian-patch-1
branch
from
b7143dc
to
0e14cd2
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This setting is not required to be
trueand can be set based on customer preference.