You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/docs/configuration/idp.mdx
+3Lines changed: 3 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -531,6 +531,7 @@ A JumpCloud connection can be used for [authentication](/docs/configuration/auth
531
531
532
532
When configuring your application:
533
533
- Set the SSO type to "OIDC"
534
+
- Set the **Token Endpoint Authentication Method** to `client_secret_basic`. JumpCloud defaults to `client_secret_post`, but Sourcebot requires `client_secret_basic`.
534
535
- Add `<sourcebot_url>/api/auth/callback/jumpcloud` to the redirect URIs (ex. https://sourcebot.coolcorp.com/api/auth/callback/jumpcloud)
535
536
- Set the login URL to `<sourcebot_url>/login`
536
537
@@ -539,6 +540,8 @@ A JumpCloud connection can be used for [authentication](/docs/configuration/auth
539
540
<Steptitle="Define environment variables">
540
541
The client id, secret, and issuer URL are provided to Sourcebot via environment variables. These can be named whatever you like
541
542
(ex. `JUMPCLOUD_IDENTITY_PROVIDER_CLIENT_ID`, `JUMPCLOUD_IDENTITY_PROVIDER_CLIENT_SECRET`, and `JUMPCLOUD_IDENTITY_PROVIDER_ISSUER`)
543
+
544
+
You must also set the `AUTH_SECRET` environment variable. Generate one with `openssl rand -base64 33` and pass it to your Sourcebot deployment. While `AUTH_SECRET` is auto-generated if not provided, it must be explicitly set for SSO to work reliably across restarts.
542
545
</Step>
543
546
<Steptitle="Define the identity provider config">
544
547
Create a `identityProvider` object in the [config file](/docs/configuration/config-file) with the following fields:
0 commit comments