jprdonnelly/airbyte
1
0
Fork 0
mirror of synced 2025-12-25 02:09:19 -05:00
Code Issues Packages Projects Releases Wiki Activity

Docs extra scopes in OIDC (#65930)

Browse Source
This commit is contained in:
Ian Alton
2025-09-03 15:29:27 -07:00
committed by GitHub
parent ab5ec1d934
commit b58c916f82
8 changed files with 18 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
docusaurus/platform_versioned_docs/version-1.8/access-management/sso-providers/azure-entra-id.md
View File

@@ -249,6 +249,7 @@ global:
generic-oidc:
clientId: YOUR_CLIENT_ID
audience: YOUR_AUDIENCE
extraScopes: YOUR_EXTRA_SCOPES
issuer: YOUR_ISSUER
endpoints:
authorizationServerEndpoint: YOUR_AUTH_ENDPOINT
@@ -259,6 +260,8 @@ You collect these values from Microsoft in the locations shown below.
- `audience`: Same as `clientId`.
- `extraScopes`: If you've defined extra scopes in your app registration, you can reference them here. Extra scopes are included in the authorization code flow and are sometimes required to provide web apps like Airbyte with valid JSON web tokens. In the Azure portal, **Entra ID** > **App registrations** > your app > **Expose an API**. The format looks like `api://12345678-90ab-cdef-1234-567890abcdef/<SCOPE_NAME>`. Microsoft Graph API scopes and optional claims aren't supported.
- `issuer`: In your well-known endpoint, use `issuer`.
- `authorizationServerEndpoint`: Same as `issuer`.

3
docusaurus/platform_versioned_docs/version-1.8/access-management/sso-providers/okta.md
View File

@@ -267,6 +267,7 @@ global:
generic-oidc:
clientId: YOUR_CLIENT_ID
audience: YOUR_AUDIENCE
extraScopes: YOUR_EXTRA_SCOPES
issuer: YOUR_ISSUER
endpoints:
authorizationServerEndpoint: YOUR_AUTH_ENDPOINT
@@ -279,6 +280,8 @@ You collect these values from Okta in the locations shown below.
- `audience`: In Okta's administrator panel, **Security** > **API** > **Authorization Servers** tab > **Audience**. Choose the audience for the authorization server you're using with Airbyte.
- `extraScopes`: If you've defined extra scopes in your authorization server, you can reference them here. Extra scopes are included in the authorization code flow and are sometimes required to provide web apps like Airbyte with valid JSON web tokens. In Okta's administrator panel, **Security** > **API** > **Authorization Servers** tab > your authorization server > **Scopes**.
- `issuer`: In your well-known endpoint, use the `issuer`.
- `authorizationServerEndpoint`: In your well-known endpoint, use the `authorization_endpoint`, but omit the `/v1/authorize` portion. For example, `https://example.okta.com/oauth2/default/`.

1
docusaurus/platform_versioned_docs/version-1.8/enterprise-setup/chart-v2-enterprise.mdx
View File

@@ -177,6 +177,7 @@ global:
genericOidc:
clientId: ""
audience: ""
extraScopes: ""
issuer: ""
endpoints:
authorizationServerEndpoint: ""

3
docusaurus/platform_versioned_docs/version-1.8/enterprise-setup/implementation-guide.md
View File

@@ -304,6 +304,7 @@ Follow these instructions to add the Airbyte helm repository:
genericOidc:
clientId: ""
audience: ""
extraScopes: ""
issuer: ""
endpoints:
authorizationServerEndpoint: ""
@@ -318,8 +319,6 @@ Follow these instructions to add the Airbyte helm repository:
</TabItem>
</Tabs>
4. You must configure the public facing URL of your Airbyte instance to your `values.yaml` file, under `global`:
<Tabs groupId="helm-chart-version">