Specify the client secrets file:

```
CLIENT_SECRETS_JSON=client_secrets.json
```

The example uses an Okta developer domain. Register at Okta (developer.okta.com) or another OIDC provider, then fill in the relevant details in the example `client_secrets.json` file found in the `./resources/` folder.

Configuration can be supplied either by file or by environment variables. To use a file, set the `CLIENT_SECRETS_JSON` environment variable to the location of your client secrets JSON file:
```json
{
  "auth_uri": "https://{{domain}}.okta.com/oauth2/default/v1/authorize",
  "client_id": "{{client_id}}",
  "client_secret": "{{client_secret}}",
  "redirect_uri": "http://localhost:5052/oidc/oidc_callback",
  "issuer": "https://{{domain}}.okta.com/oauth2/default",
  "token_uri": "https://{{domain}}.okta.com/oauth2/default/v1/token",
  "userinfo_uri": "https://{{domain}}.okta.com/oauth2/default/v1/userinfo",
  "scope": "openid email profile groups",
  "userinfo_key_groups": "groups"
}
```
Replace `{{domain}}` with your registered Okta domain, and insert your `client_id` and `client_secret`.

Most of the file is standard OIDC setup. The two additional values below control which scopes are requested and where the user's group list is read from, which is what the access checks rely on.
| value | description |
|---|---|
| scope | list of scopes to retrieve |
| userinfo_key_groups | the key in the userinfo response that holds the list of groups for the user. Default: `groups` |

Instead of using a configuration file, every setting can be specified through an individual environment variable, as follows:
| setting | environment name | default value |
|---|---|---|
| auth_uri | OIDC_AUTH_URI | http://localhost:5000/testing/authorize |
| client_id | OIDC_CLIENT_ID | testing |
| client_secret | OIDC_CLIENT_SECRET | testing |
| redirect_uri | OIDC_REDIRECT_URI | http://localhost:5000/oidc/callback |
| issuer | OIDC_ISSUER | http://localhost:5000/testing/authorize |
| token_uri | OIDC_TOKEN_URI | http://localhost:5000/testing/token |
| scope | OIDC_SCOPE | openid email profile |
| userinfo_key_groups | OIDC_USERINFO_KEY_GROUPS | groups |
| userinfo_uri | OIDC_USERINFO_URI | http://localhost:5000/testing/userinfo |
NOTE: if you use a file to configure single sign-on, these environment variables are not used.
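The loading rules above (file named by `CLIENT_SECRETS_JSON` wins, otherwise the `OIDC_*` variables with the table's defaults) and the `userinfo_key_groups` lookup, as an added example that is not part of the project's own code. The sanity checks (placeholder secret, missing `openid` scope, plain-http endpoints outside localhost) are my assumptions about what a deployer should verify, not checks the project performs.

```python
import json
import os
from urllib.parse import urlparse

# setting -> (environment name, default value), copied from the table on this page
ENV_SETTINGS = {
    "auth_uri": ("OIDC_AUTH_URI", "http://localhost:5000/testing/authorize"),
    "client_id": ("OIDC_CLIENT_ID", "testing"),
    "client_secret": ("OIDC_CLIENT_SECRET", "testing"),
    "redirect_uri": ("OIDC_REDIRECT_URI", "http://localhost:5000/oidc/callback"),
    "issuer": ("OIDC_ISSUER", "http://localhost:5000/testing/authorize"),
    "token_uri": ("OIDC_TOKEN_URI", "http://localhost:5000/testing/token"),
    "scope": ("OIDC_SCOPE", "openid email profile"),
    "userinfo_key_groups": ("OIDC_USERINFO_KEY_GROUPS", "groups"),
    "userinfo_uri": ("OIDC_USERINFO_URI", "http://localhost:5000/testing/userinfo"),
}

def load_oidc_settings(environ=None):
    """Settings dict. A file named by CLIENT_SECRETS_JSON takes precedence and the
    OIDC_* variables are then ignored, as the NOTE above states."""
    env = os.environ if environ is None else environ
    path = env.get("CLIENT_SECRETS_JSON")
    if path:
        with open(path, encoding="utf-8") as fh:
            return json.load(fh)
    return {key: env.get(name, default) for key, (name, default) in ENV_SETTINGS.items()}

def check_oidc_settings(settings):
    """Return a list of problems; an empty list means the configuration looks sane."""
    missing = [key for key in ENV_SETTINGS if not settings.get(key)]
    if missing:
        return [f"missing setting: {key}" for key in missing]
    problems = []
    if settings["client_secret"] == "testing":  # the documented placeholder default
        problems.append("client_secret is still the placeholder value 'testing'")
    if "openid" not in settings["scope"].split():
        problems.append("scope must include 'openid' for an OIDC login")
    for key in ("auth_uri", "token_uri", "userinfo_uri", "issuer"):
        url = urlparse(settings[key])
        # plain http is only tolerable for the local test provider (assumption)
        if url.scheme != "https" and url.hostname not in ("localhost", "127.0.0.1"):
            problems.append(f"{key} is not https: {settings[key]}")
    return problems

def user_groups(userinfo, settings):
    """Groups for the logged-in user, read from the key named by userinfo_key_groups.
    A missing key or a non-list value yields no groups rather than an error."""
    groups = userinfo.get(settings.get("userinfo_key_groups", "groups"), [])
    return [str(g) for g in groups] if isinstance(groups, list) else []
```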