Authentication Strategies

GUI edited this page Nov 18, 2014 · 12 revisions

Overview

To log in to the API Umbrella admin, the following authentication strategies are enabled by default:

In addition, API Umbrella ships with the following optional authentication strategies that can be enabled:

To enable additional authentication strategies, enable them in the /etc/api-umbrella/api-umbrella.yml configuration file:

web:
  admin:
    auth_strategies:
      enabled:
        - facebook
        - github
        - google
        - max.gov
        - myusa
        - persona

API Umbrella uses the OmniAuth library, which supports many more authentication strategies. If you would like additional strategies to be shipped with the default API Umbrella installation, please open an issue.

Specifics

Each authentication strategy has specific considerations.

Mozilla Persona

Mozilla Persona should work without any additional configuration.

GitHub

The GitHub authentication strategy needs the following information:

  • client_id
  • client_secret

To set up the GitHub authentication strategy:

  1. Review and follow the GitHub API Basics of Authentication
  2. Log in to your account and create a new application.
  3. The Homepage URL should be: https://yourdomain.com (use the domain where API Umbrella is deployed)
  4. The Authorization callback URL should be: https://yourdomain.com/admins/auth/github/callback
  5. Add your client_id and client_secret to /etc/api-umbrella/api-umbrella.yml:
web:
  admin:
    auth_strategies:
      github:
        client_id: YOUR_CLIENT_ID_HERE
        client_secret: YOUR_CLIENT_SECRET_HERE
  6. Restart API Umbrella

Google

The Google authentication strategy needs the following information:

  • client_id
  • client_secret

To set up the Google authentication strategy:

  1. Review and follow the Google OAuth for Login documentation
  2. Log in to the Google API Console.
  3. Navigate to APIs & auth > Credentials and under the OAuth section click Create new Client ID.
  4. The Application Type should be: Web application.
  5. The Authorized JavaScript Origins should be: https://yourdomain.com (use the domain where API Umbrella is deployed)
  6. The Authorized Redirect URIs should be: https://api.example.com/admins/auth/google_oauth2/callback
  7. Add your client_id and client_secret to /etc/api-umbrella/api-umbrella.yml:
web:
  admin:
    auth_strategies:
      google:
        client_id: YOUR_CLIENT_ID_HERE
        client_secret: YOUR_CLIENT_SECRET_HERE
  8. Restart API Umbrella
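
A pre-restart check for the GitHub and Google settings described above, as an added example (not part of the original wiki page or API Umbrella's own code). It assumes the web.admin.auth_strategies layout shown on this page and that only github and google need client_id and client_secret; the function names and the sample config are constructed for illustration.

```ruby
require "yaml"

# Strategies this page documents as needing client_id and client_secret.
# Strategies the page gives no details for (facebook, max.gov, myusa) are skipped.
NEEDS_CREDENTIALS = %w[github google].freeze
PLACEHOLDER = /\AYOUR_\w+_HERE\z/ # the template values used on this page

# Constructed sample config (not a real deployment): google still has a placeholder.
SAMPLE = <<~YAML
  web:
    admin:
      auth_strategies:
        enabled:
          - github
          - google
          - persona
        github:
          client_id: constructed-id-123
          client_secret: constructed-secret-456
        google:
          client_id: constructed-id-789
          client_secret: YOUR_CLIENT_SECRET_HERE
YAML

# Returns a list of problems for enabled strategies with unusable credentials.
def audit_auth_strategies(config)
  strategies = config.dig("web", "admin", "auth_strategies") || {}
  Array(strategies["enabled"]).flat_map do |name|
    next [] unless NEEDS_CREDENTIALS.include?(name)
    settings = strategies[name]
    next ["#{name}: enabled but no credentials section"] unless settings.is_a?(Hash)
    %w[client_id client_secret].filter_map do |key|
      value = settings[key].to_s.strip
      if value.empty? then "#{name}: #{key} is missing"
      elsif value.match?(PLACEHOLDER) then "#{name}: #{key} is still the placeholder"
      end
    end
  end
end

# The file stores client_secret values, so any access bit for "other" is a finding.
def world_accessible?(mode)
  (mode & 0o007) != 0
end

if __FILE__ == $PROGRAM_NAME
  path = ARGV[0] # e.g. /etc/api-umbrella/api-umbrella.yml; falls back to SAMPLE
  config = YAML.safe_load(path ? File.read(path) : SAMPLE) || {}
  problems = audit_auth_strategies(config)
  problems << "#{path}: readable or writable by other users" if path && world_accessible?(File.stat(path).mode)
  puts problems.empty? ? "auth strategy config looks complete" : problems
end
```

Run it with the path to the configuration file as the only argument before restarting API Umbrella; with no argument it audits the constructed sample.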