Skip to content

Commit

Permalink
docs(web-modeler): document OAUTH2_CLIENT_FETCH_REQUEST_CREDENTIALS (#…
Browse files Browse the repository at this point in the history 
…3838)
  • Loading branch information
@wollefitz
wollefitz authored Jun 6, 2024
1 parent 964ab7d commit 2f15a23
Show file tree
Hide file tree
Showing 3 changed files with 24 additions and 21 deletions.
15 changes: 8 additions & 7 deletions docs/self-managed/modeler/web-modeler/configuration/configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,13 +114,14 @@ Refer to the [advanced logging configuration guide](./logging.md#logging-configu

### Identity / Keycloak

| Environment variable | Description | Example value | Default value |
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
| Environment variable | Description | Example value | Default value |
| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_CLIENT_FETCH_REQUEST_CREDENTIALS` | [optional]<br/>Configuration whether credentials should be sent along with requests to the OIDC provider, see [documentation](https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials#value). Use this if you are using a proxy that requires cookies. | `include` | - |
| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |

Refer to the [advanced Identity configuration guide](./identity.md) for additional details on how to set up secure connections to an external Identity instance or connect a custom OpenID Connect (OIDC) authentication provider.

Expand Down
15 changes: 8 additions & 7 deletions ...ocs/version-8.4/self-managed/modeler/web-modeler/configuration/configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,13 +114,14 @@ Refer to the [advanced logging configuration guide](./logging.md#logging-configu

### Identity / Keycloak

| Environment variable | Description | Example value | Default value |
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
| Environment variable | Description | Example value | Default value |
| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_CLIENT_FETCH_REQUEST_CREDENTIALS` | [optional]<br/>Configuration whether credentials should be sent along with requests to the OIDC provider, see [documentation](https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials#value). Use this if you are using a proxy that requires cookies. | `include` | - |
| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |

Refer to the [advanced Identity configuration guide](./identity.md) for additional details on how to set up secure connections to an external Identity instance or connect a custom OpenID Connect (OIDC) authentication provider.

Expand Down
15 changes: 8 additions & 7 deletions ...ocs/version-8.5/self-managed/modeler/web-modeler/configuration/configuration.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,13 +114,14 @@ Refer to the [advanced logging configuration guide](./logging.md#logging-configu

### Identity / Keycloak

| Environment variable | Description | Example value | Default value |
| ----------------------- | ------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |
| Environment variable | Description | Example value | Default value |
| ----------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------------------- | ------------- |
| `OAUTH2_CLIENT_ID` | Client ID of the Web Modeler application configured in Identity;<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_CLIENT_FETCH_REQUEST_CREDENTIALS` | [optional]<br/>Configuration whether credentials should be sent along with requests to the OIDC provider, see [documentation](https://developer.mozilla.org/en-US/docs/Web/API/Request/credentials#value). Use this if you are using a proxy that requires cookies. | `include` | - |
| `OAUTH2_JWKS_URL` | [Internal](#notes-on-host-names-and-port-numbers) URL used to request Keycloak's JSON Web Key Set (for JWT verification). | `http://keycloak:8080/auth/realms/camunda-platform/protocol/openid-connect/certs` | - |
| `OAUTH2_TOKEN_AUDIENCE` | Expected token audience (used for JWT validation);<br/>_must be set to_ `web-modeler`. | `web-modeler` | - |
| `OAUTH2_TOKEN_ISSUER` | URL of the token issuer (used for JWT validation). | `https://keycloak.example.com/auth/realms/camunda-platform` | - |
| `IDENTITY_BASE_URL` | [Internal](#notes-on-host-names-and-port-numbers) base URL of the Identity API (used to fetch user data). | `http://identity:8080` | - |

Refer to the [advanced Identity configuration guide](./identity.md) for additional details on how to set up secure connections to an external Identity instance or connect a custom OpenID Connect (OIDC) authentication provider.

Expand Down

0 comments on commit 2f15a23

Please sign in to comment.