wiki/server/modules/authentication/oauth2/definition.yml

key: oauth2
title: Generic OAuth2
description: OAuth 2.0 is the industry-standard protocol for authorization.
author: requarks.io
logo: https://static.requarks.io/logo/oauth2.svg
color: blue-grey darken-2
website: https://oauth.net/2/
isAvailable: true
useForm: false
props:
  clientId:
    type: String
    title: Client ID
    hint: Application Client ID
    order: 1
  clientSecret:
    type: String
    title: Client Secret
    hint: Application Client Secret
    order: 2
  authorizationURL:
    type: String
    title: Authorization Endpoint URL
    hint: Application Authorization Endpoint URL
    order: 3
  tokenURL:
    type: String
    title: Token Endpoint URL
    hint: Application Token Endpoint URL
    order: 4
  userInfoURL:
    type: String
    title: User Info Endpoint URL
    hint: User Info Endpoint URL
    order: 5
  userIdClaim:
    type: String
    title: ID Claim
    hint: Field containing the user ID
    default: id
    maxWidth: 500
    order: 6
  displayNameClaim:
    type: String
    title: Display Name Claim
    hint: Field containing user display name
    default: displayName
    maxWidth: 500
    order: 7
  emailClaim:
    type: String
    title: Email Claim
    hint: Field containing the user email address
    default: email
    maxWidth: 500
    order: 8
  mapGroups:
    type: Boolean
    title: Map Groups
    hint: Map groups matching names from the groups claim value
    default: false
    order: 9
  groupsClaim:
    type: String
    title: Groups Claim
    hint: Field containing the group names
    default: groups
    maxWidth: 500
    order: 10
  logoutURL:
    type: String
    title: Logout URL
    hint: (optional) Logout URL on the OAuth2 provider where the user will be redirected to complete the logout process.
    order: 11
  scope:
    type: String
    title: Scope
    hint: (optional) Application Client permission scopes.
    order: 12
  useQueryStringForAccessToken:
    type: Boolean
    default: false
    title: Pass access token via GET query string to User Info Endpoint
    hint: (optional) Pass the access token in an `access_token` parameter attached to the GET query string of the User Info Endpoint URL. Otherwise the access token will be passed in the Authorization header.
    order: 13
  enableCSRFProtection:
    type: Boolean
    default: true
    title: Enable CSRF protection
    hint: Pass a nonce state parameter during authentication to protect against CSRF attacks.
    order: 14
feat: Generic OAuth2 authentication implementation (#3094) * OAuth2 authentication implementation This PR shoul fix #2392. Used `passport-oauth2` strategy. * indentations cleanup * cleanup code 3 years ago			`key: oauth2`
fix: various OAuth2 fixes 3 years ago			`title: Generic OAuth2`
			`description: OAuth 2.0 is the industry-standard protocol for authorization.`
feat: Generic OAuth2 authentication implementation (#3094) * OAuth2 authentication implementation This PR shoul fix #2392. Used `passport-oauth2` strategy. * indentations cleanup * cleanup code 3 years ago			`author: requarks.io`
			`logo: https://static.requarks.io/logo/oauth2.svg`
			`color: blue-grey darken-2`
			`website: https://oauth.net/2/`
			`isAvailable: true`
			`useForm: false`
			`props:`
			`clientId:`
			`type: String`
			`title: Client ID`
			`hint: Application Client ID`
			`order: 1`
			`clientSecret:`
			`type: String`
			`title: Client Secret`
			`hint: Application Client Secret`
			`order: 2`
			`authorizationURL:`
			`type: String`
			`title: Authorization Endpoint URL`
			`hint: Application Authorization Endpoint URL`
			`order: 3`
			`tokenURL:`
			`type: String`
			`title: Token Endpoint URL`
			`hint: Application Token Endpoint URL`
			`order: 4`
			`userInfoURL:`
			`type: String`
			`title: User Info Endpoint URL`
			`hint: User Info Endpoint URL`
			`order: 5`
fix: various OAuth2 fixes 3 years ago			`userIdClaim:`
feat: Generic OAuth2 authentication implementation (#3094) * OAuth2 authentication implementation This PR shoul fix #2392. Used `passport-oauth2` strategy. * indentations cleanup * cleanup code 3 years ago			`type: String`
fix: various OAuth2 fixes 3 years ago			`title: ID Claim`
			`hint: Field containing the user ID`
feat: Generic OAuth2 authentication implementation (#3094) * OAuth2 authentication implementation This PR shoul fix #2392. Used `passport-oauth2` strategy. * indentations cleanup * cleanup code 3 years ago			`default: id`
fix: various OAuth2 fixes 3 years ago			`maxWidth: 500`
feat: Generic OAuth2 authentication implementation (#3094) * OAuth2 authentication implementation This PR shoul fix #2392. Used `passport-oauth2` strategy. * indentations cleanup * cleanup code 3 years ago			`order: 6`
fix: various OAuth2 fixes 3 years ago			`displayNameClaim:`
feat: Generic OAuth2 authentication implementation (#3094) * OAuth2 authentication implementation This PR shoul fix #2392. Used `passport-oauth2` strategy. * indentations cleanup * cleanup code 3 years ago			`type: String`
fix: various OAuth2 fixes 3 years ago			`title: Display Name Claim`
			`hint: Field containing user display name`
feat: Generic OAuth2 authentication implementation (#3094) * OAuth2 authentication implementation This PR shoul fix #2392. Used `passport-oauth2` strategy. * indentations cleanup * cleanup code 3 years ago			`default: displayName`
			`maxWidth: 500`
			`order: 7`
			`emailClaim:`
			`type: String`
			`title: Email Claim`
fix: various OAuth2 fixes 3 years ago			`hint: Field containing the user email address`
feat: Generic OAuth2 authentication implementation (#3094) * OAuth2 authentication implementation This PR shoul fix #2392. Used `passport-oauth2` strategy. * indentations cleanup * cleanup code 3 years ago			`default: email`
			`maxWidth: 500`
			`order: 8`
feat: oauth2 add groups mapping (#6053) Co-authored-by: Nicolas Giard <github@ngpixel.com> 2 years ago			`mapGroups:`
			`type: Boolean`
			`title: Map Groups`
			`hint: Map groups matching names from the groups claim value`
			`default: false`
			`order: 9`
			`groupsClaim:`
			`type: String`
			`title: Groups Claim`
			`hint: Field containing the group names`
			`default: groups`
			`maxWidth: 500`
			`order: 10`
fix: various OAuth2 fixes 3 years ago			`logoutURL:`
			`type: String`
			`title: Logout URL`
			`hint: (optional) Logout URL on the OAuth2 provider where the user will be redirected to complete the logout process.`
feat: oauth2 add groups mapping (#6053) Co-authored-by: Nicolas Giard <github@ngpixel.com> 2 years ago			`order: 11`
feat(auth): OAuth2 scope support (#5181) 3 years ago			`scope:`
			`type: String`
			`title: Scope`
			`hint: (optional) Application Client permission scopes.`
feat: oauth2 add groups mapping (#6053) Co-authored-by: Nicolas Giard <github@ngpixel.com> 2 years ago			`order: 12`
feat(auth): OAuth2 access_token in GET query string in userInfoURL (#5188) 3 years ago			`useQueryStringForAccessToken:`
			`type: Boolean`
			`default: false`
			`title: Pass access token via GET query string to User Info Endpoint`
			hint: (optional) Pass the access token in an `access_token` parameter attached to the GET query string of the User Info Endpoint URL. Otherwise the access token will be passed in the Authorization header.
feat: oauth2 add groups mapping (#6053) Co-authored-by: Nicolas Giard <github@ngpixel.com> 2 years ago			`order: 13`
feat: optional oauth2 module nonce toggle 2 years ago			`enableCSRFProtection:`
			`type: Boolean`
			`default: true`
			`title: Enable CSRF protection`
			`hint: Pass a nonce state parameter during authentication to protect against CSRF attacks.`
feat: oauth2 add groups mapping (#6053) Co-authored-by: Nicolas Giard <github@ngpixel.com> 2 years ago			`order: 14`