How to add OAuth authentication with Auth0

< All Topics

Portainer allows that the authentication can be done with OAuth and with this help, you will learn how to set up an application in Auth0 and then how to configure the OAuth to log in Portainer.

How to create an application in Auth0

Auth0 is a company that delivers authentication services. For this help, we going to use a free plan to create an application that allows us to connect with Portainer and base the authentication in OAuth.

Log in at your dashboard in Auth0 webpage: https://manage.auth0.com/dashboard

The next thing to do is create an application, so, do a click in the Create Application button.

From your dashboard, click in Create Application.

 

 

 

 

 

 

 

 

 

 

 

In the following screen, type any name you want, pick Simple Page Web Applications and do click in the Create button.

The name of the application can be anything. Not need to be specific here.

 

 

 

 

 

 

 

 

 

 

 

 

Once the application is created, copy the Client ID and Client Secret. You will need to configure Portainer.

Copy this info, we going to need to configure Portainer.

 

 

 

 

 

 

 

 

 

 

 

Also, you need to specify the Callback, this is the URL that how you access to Portainer. Is important to have an https address, even without a not valid certificate, otherwise, the authentication will fail.

You need to put here the URL of Portainer. Need to be an https address.

 

 

 

 

 

 

Also, you will need the URL of endpoints. Scroll down to the bottom of the page, do a click in Show Advanced Settings and then, click in the tab Endpoints. You will need to copy it to Portainer.

Copy the URL indicated with the arrow. The others are not needed.

 

 

 

 

 

 

 

 

 

 

 

Managing the access of the endpoint.

Once you logged in Portainer, let's going to create a Team, called OAuth, and then will add access to the endpoint to that team.

To learn how to create a team, please, check this help article: https://www.portainer.io/documentation/how-to-add-a-team-to-portainer/

To add access to our brand new team called OAuth, do a click in Endpoints, and then in Manage Access.

Click in Endpoints and then in Manage Access.

 

 

 

 

 

 

 

 

Select the team and do a click in the Create Access button.

Select the team and click in Create Access button.

 

 

 

 

 

 

 

 

Once this is done, we're ready to configure the authentication of Portainer.

Configuring Portainer with OAuth details.

Go to Settings, and do a click in Authentication, and the pick OAuth.

Here you need to specify Automatic User Provisioning that allows you to create a user that's login using an OAuth credentials. Also, we need to select the team where that's users are stored.

Take this screenshot as a guide, but replace each field with your data.

Remember the data you collected before, Now is when we need it.

 

 

 

 

 

 

 

 

Once is completed do a click in the Save Settings button. You will see a pop-up in green that indicates that the settings are saved.

It's all done. It's time to try how everything works.

 

 

 

 

 

 

 

 

To try is everything works as expected, click in Logout and we will try if we're capable to log in with the OAuth credentials. Do a click in the Login with OAuth button.

Choose Login with OAuth.

 

 

 

 

 

 

 

 

 

 

The next thing you will see on the screen is the Auth0 login page, enter your account and click in Login in the Continue button.

This is the Login from Auth0.

 

 

 

 

 

 

 

 

 

 

 

If all the configuration as completed using this guide, our OAuth user will log in to Portainer.

All set.

 

 

 

 

 

 

 

 

The next thing to do is give some permissions to deploy new applications or manage the endpoints.

Table of Contents