mirror of
https://github.com/netbirdio/netbird.git
synced 2024-11-07 08:44:07 +01:00
26bbc33e7a
added intergration with JumpCloud User API. Use the steps in setup.md for configuration. Additional changes: - Enhance compatibility for providers that lack audience support in the Authorization Code Flow and the Authorization - - Code Flow with Proof Key for Code Exchange (PKCE) using NETBIRD_DASH_AUTH_USE_AUDIENCE=falseenv - Verify tokens by utilizing the client ID when audience support is absent in providers
76 lines
2.7 KiB
Cheetah
76 lines
2.7 KiB
Cheetah
{
|
|
"Stuns": [
|
|
{
|
|
"Proto": "udp",
|
|
"URI": "stun:$NETBIRD_DOMAIN:3478",
|
|
"Username": "",
|
|
"Password": null
|
|
}
|
|
],
|
|
"TURNConfig": {
|
|
"Turns": [
|
|
{
|
|
"Proto": "udp",
|
|
"URI": "turn:$NETBIRD_DOMAIN:3478",
|
|
"Username": "$TURN_USER",
|
|
"Password": "$TURN_PASSWORD"
|
|
}
|
|
],
|
|
"CredentialsTTL": "12h",
|
|
"Secret": "secret",
|
|
"TimeBasedCredentials": false
|
|
},
|
|
"Signal": {
|
|
"Proto": "$NETBIRD_SIGNAL_PROTOCOL",
|
|
"URI": "$NETBIRD_DOMAIN:$NETBIRD_SIGNAL_PORT",
|
|
"Username": "",
|
|
"Password": null
|
|
},
|
|
"Datadir": "",
|
|
"HttpConfig": {
|
|
"Address": "0.0.0.0:$NETBIRD_MGMT_API_PORT",
|
|
"AuthIssuer": "$NETBIRD_AUTH_AUTHORITY",
|
|
"AuthAudience": "$NETBIRD_AUTH_AUDIENCE",
|
|
"AuthKeysLocation": "$NETBIRD_AUTH_JWT_CERTS",
|
|
"AuthUserIDClaim": "$NETBIRD_AUTH_USER_ID_CLAIM",
|
|
"CertFile":"$NETBIRD_MGMT_API_CERT_FILE",
|
|
"CertKey":"$NETBIRD_MGMT_API_CERT_KEY_FILE",
|
|
"OIDCConfigEndpoint":"$NETBIRD_AUTH_OIDC_CONFIGURATION_ENDPOINT"
|
|
},
|
|
"IdpManagerConfig": {
|
|
"ManagerType": "$NETBIRD_MGMT_IDP",
|
|
"ClientConfig": {
|
|
"Issuer": "$NETBIRD_AUTH_AUTHORITY",
|
|
"TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
|
|
"ClientID": "$NETBIRD_IDP_MGMT_CLIENT_ID",
|
|
"ClientSecret": "$NETBIRD_IDP_MGMT_CLIENT_SECRET",
|
|
"GrantType": "client_credentials"
|
|
},
|
|
"ExtraConfig": $NETBIRD_IDP_MGMT_EXTRA_CONFIG
|
|
},
|
|
"DeviceAuthorizationFlow": {
|
|
"Provider": "$NETBIRD_AUTH_DEVICE_AUTH_PROVIDER",
|
|
"ProviderConfig": {
|
|
"Audience": "$NETBIRD_AUTH_DEVICE_AUTH_AUDIENCE",
|
|
"Domain": "$NETBIRD_AUTH0_DOMAIN",
|
|
"ClientID": "$NETBIRD_AUTH_DEVICE_AUTH_CLIENT_ID",
|
|
"TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
|
|
"DeviceAuthEndpoint": "$NETBIRD_AUTH_DEVICE_AUTH_ENDPOINT",
|
|
"Scope": "$NETBIRD_AUTH_DEVICE_AUTH_SCOPE",
|
|
"UseIDToken": $NETBIRD_AUTH_DEVICE_AUTH_USE_ID_TOKEN
|
|
}
|
|
},
|
|
"PKCEAuthorizationFlow": {
|
|
"ProviderConfig": {
|
|
"Audience": "$NETBIRD_AUTH_PKCE_AUDIENCE",
|
|
"ClientID": "$NETBIRD_AUTH_CLIENT_ID",
|
|
"ClientSecret": "$NETBIRD_AUTH_CLIENT_SECRET",
|
|
"AuthorizationEndpoint": "$NETBIRD_AUTH_PKCE_AUTHORIZATION_ENDPOINT",
|
|
"TokenEndpoint": "$NETBIRD_AUTH_TOKEN_ENDPOINT",
|
|
"Scope": "$NETBIRD_AUTH_SUPPORTED_SCOPES",
|
|
"RedirectURLs": [$NETBIRD_AUTH_PKCE_REDIRECT_URLS],
|
|
"UseIDToken": $NETBIRD_AUTH_PKCE_USE_ID_TOKEN
|
|
}
|
|
}
|
|
}
|