External Authorization

OpenID authorization

1. Open terminal and go to the Supervisely configs folder
1
$ cd $(sudo supervisely where)
Copied!
2. Create openid.yml file with external service credentials
1
<provider_name>:
2
metadata_url: <metada_url>
3
client_id: <client_id>
4
client_secret: <client_secret>
5
โ€‹
6
# optional
7
http_proxy: <proxy url>
8
https_proxy: <proxy url>
9
icon: <url> / <base64> / <svg> (login button icon)
10
login_label: <login_label> (login button label)
Copied!
3. Create docker-compose.override.yml file
1
version: '2.2'
2
โ€‹
3
services:
4
api:
5
environment:
6
DOMAIN: <https_instance_domain>
7
volumes:
8
- <path_to_folder>/openid.yml:/openid.yml:ro
Copied!
4. Execute following command
1
$ sudo supervisely up -d
Copied!
5. Go to your authorization service and add new redirect (callback) URI <https_instance_domain>/api/account/auth/<provider_name>/callback where:
    https_instance_domain - domain, that you specified in docker-compose.override.yml
    provider_name - name, that you specified in openid.yml

Authorization through Microsoft Azure Active Directory

First you need to register app and configure web API access.
On Add redirect URI(s) step add new URI <https_instance_domain>/api/account/auth/microsoft/callback

openid.yml

1
microsoft:
2
metadata_url: https://login.microsoftonline.com/568427e8-****-****-****-************/.well-known/openid-configuration
3
client_id: 7006e956-****-****-****-************
4
client_secret: j2Hy-***************************
Copied!

docker-compose.override.yml

1
version: '2.2'
2
โ€‹
3
services:
4
api:
5
environment:
6
DOMAIN: https://app.supervise.ly
7
volumes:
8
- <path_to_folder>/openid.yml:/openid.yml:ro
Copied!

LDAP authorization

1. Open terminal and go to the Supervisely configs folder
1
$ cd $(sudo supervisely where)
Copied!
2. Create docker-compose.override.yml file
1
version: '2.2'
2
โ€‹
3
services:
4
api:
5
environment:
6
LDAP_SERVER_URL: <server_url>
7
LDAP_BIND_DN: <bind_dn>
8
LDAP_DN_CREDENTIALS: <password_for_bind_dn>
9
LDAP_SEARCH_FILTER: <search_filter>
10
LDAP_SEARCH_BASE: <search_base>
Copied!
3. Execute the following command
1
$ sudo supervisely up -d
Copied!

docker-compose.override.yml example

1
version: '2.2'
2
โ€‹
3
services:
4
api:
5
environment:
6
LDAP_SERVER_URL: ldap://example:389
7
LDAP_BIND_DN: cn=root
8
LDAP_DN_CREDENTIALS: secret
9
LDAP_SEARCH_FILTER: (uid={{username}})
10
LDAP_SEARCH_BASE: dc=example, dc=org
Copied!
Last modified 2mo ago