Launching the Platform/Self-hosted: On-prem/Prerequisites
Oauth provider
Setup and configure OAuth provider for your self-hosted platform
Overview
Purpose
- User authentication
- Access control
- Single sign-on capabilities
- Identity management
Key Features
- OpenID Connect support
- OAuth 2.0 compliance
- User profile information
- Email verification
Provider options
Google OAuth Setup
Access Google Cloud Console
- Go to Google Cloud Console
- Select or create a project
Create OAuth Client
- Click
+ CREATE CREDENTIALS - Select
OAuth client ID - Choose
Web applicationtype
Configure OAuth Client
- Add Authorized JavaScript origins:
https://your-domain.com - Add Authorized redirect URIs:
https://your-domain.com/api/auth/callback/google
Make sure to replace your-domain.com with your actual platform domain.
Azure Active Directory Setup
Access Azure Portal
- Go to Azure Active Directory
- Register a new application
Configure Application
- Add redirect URIs
- Set up platform configurations
- Configure authentication settings
Set Required Permissions
- OpenID Connect permissions
- User.Read permissions
- Additional scopes as needed
Custom OIDC Provider
For enterprise setups, you can use any OpenID Connect compliant provider:
- Okta
- Auth0
- Keycloak
- Other OIDC-compliant providers
Required provider capabilities:
- OpenID Connect support
- OAuth 2.0 compliance
- User profile information
- Email verification
Jwt configuration
Store this key securely - it's used to sign user sessions.
Information collection
Required values for platform installation
- OAuth Client ID
- OAuth Client Secret
- JWT signing key
- Configured redirect URI
auth:
jwtSigningKey: "your-generated-key" # From openssl command
providers:
google:
enabled: true
clientID: "your-client-id" # From OAuth provider
clientSecret: "your-secret" # From OAuth providerValidation
Verify OAuth client is properly configured ### Confirm redirect URIs match
your domain ### Check JWT signing key is generated and saved ### Validate required scopes are enabled
Troubleshooting
Invalid Redirect URI
- Verify exact URI match
- Check for protocol (https) mismatch
- Confirm domain spelling
Authentication Failures
- Verify client credentials
- Check scope configurations
- Validate JWT signing key
Need help? Contact [email protected] if you encounter any issues.