How to add OAuth authentication with Auth0
Portainer allows that the authentication can be done with OAuth and with this help, you will learn how to set up an application in Auth0 and then how to configure the OAuth to log in Portainer.
How to create an application in Auth0
Auth0 is a company that delivers authentication services. For this help, we going to use a free plan to create an application that allows us to connect with Portainer and base the authentication in OAuth.
Log in at your dashboard in Auth0 webpage: https://manage.auth0.com/dashboard
The next thing to do is create an application, so, do a click in the Create Application button.
In the following screen, type any name you want, pick Simple Page Web Applications and do click in the Create button.
Once the application is created, copy the Client ID and Client Secret. You will need to configure Portainer.
Also, you need to specify the Callback, this is the URL that how you access to Portainer. Is important to have an https address, even without a not valid certificate, otherwise, the authentication will fail.
Also, you will need the URL of endpoints. Scroll down to the bottom of the page, do a click in Show Advanced Settings and then, click in the tab Endpoints. You will need to copy it to Portainer.
Managing the access of the endpoint.
Once you logged in Portainer, let's going to create a Team, called OAuth, and then will add access to the endpoint to that team.
To learn how to create a team, please, check this help article: https://www.portainer.io/documentation/how-to-add-a-team-to-portainer/
To add access to our brand new team called OAuth, do a click in Endpoints, and then in Manage Access.
Select the team and do a click in the Create Access button.
Once this is done, we're ready to configure the authentication of Portainer.
Configuring Portainer with OAuth details.
Go to Settings, and do a click in Authentication, and the pick OAuth.
Here you need to specify Automatic User Provisioning that allows you to create a user that's login using an OAuth credentials. Also, we need to select the team where that's users are stored.
Take this screenshot as a guide, but replace each field with your data.
Once is completed do a click in the Save Settings button. You will see a pop-up in green that indicates that the settings are saved.
To try is everything works as expected, click in Logout and we will try if we're capable to log in with the OAuth credentials. Do a click in the Login with OAuth button.
The next thing you will see on the screen is the Auth0 login page, enter your account and click in Login in the Continue button.
If all the configuration as completed using this guide, our OAuth user will log in to Portainer.
The next thing to do is give some permissions to deploy new applications or manage the endpoints.