From d2407e89d4064753bd207e7b26e0601a97f9c61e Mon Sep 17 00:00:00 2001 From: Jonathan Reyes Date: Wed, 27 Mar 2024 05:57:15 -0600 Subject: [PATCH 1/2] doc: added workos to provider list --- docs/kratos/social-signin/63_workos.mdx | 65 +++++++++++++++++++++++++ 1 file changed, 65 insertions(+) create mode 100644 docs/kratos/social-signin/63_workos.mdx diff --git a/docs/kratos/social-signin/63_workos.mdx b/docs/kratos/social-signin/63_workos.mdx new file mode 100644 index 000000000..e68e34375 --- /dev/null +++ b/docs/kratos/social-signin/63_workos.mdx @@ -0,0 +1,65 @@ +--- +id: workos +title: Add WorkOS as a social sign-in provider in Ory +sidebar_label: WorkOS +--- + +# WorkOS + +Follow these steps to add [WorkOS](https://workos.com/) as a social sign-in provider to your project using the Ory CLI: + +:::info + +The provider configuration in Kratos needs to be set up for each of your Enterprise SAML/SSO clients. WorkOS is simply a connector that simplifies the SAML integration. The example below uses `demo-organization` but you would create one for each of your SAML organizations. + +::: + +1. [Get your OAuth2 Credentials](https://dashboard.workos.com/api-keys) from WorkOS which are scoped to your environment + +2. In the created app, add a redirect URI: + + ```shell + https://{host}/self-service/methods/oidc/callback/demo-organization + ``` + +3. Create a [Jsonnet code snippet](/docs/kratos/social-signin/generic#data-mapping) to map the desired claims to the Ory Identity schema. + +4. Encode the Jsonnet snippet with [Base64](https://www.base64encode.org/) or host it under an URL accessible to Ory Network. + + ```shell + cat your-data-mapping.jsonnet | base64 + ``` + +5. Download the Ory Identities config from your project and save it to a file: + + ```shell + ## List all available projects + ory list projects + + ## Get config + ory get identity-config {project-id} --format yaml > identity-config.yaml + ``` + +6. Add the social sign-in provider configuration to the downloaded config. Add the Jsonnet snippet with mappings as a Base64 string or provide an URL to the file. + + ```yaml + selfservice: + methods: + oidc: + config: + providers: + - id: demo-organization + provider: workos + client_id: client_00000000000000000 + client_secret: sk_... + workos_organization_id: org_000000000000000000 + mapper_url: "base64://..." + scope: [] + enabled: true + ``` + +7. Update the Ory Identities configuration using the file you worked with: + + ```shell + ory update identity-config {project-id} --file identity-config.yaml + ``` From 934c5e70213a4f9a3fd2758b84fb5baaa464f109 Mon Sep 17 00:00:00 2001 From: Jonathan Reyes Date: Wed, 27 Mar 2024 06:00:46 -0600 Subject: [PATCH 2/2] chore: formatting the documentation --- docs/kratos/social-signin/63_workos.mdx | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) diff --git a/docs/kratos/social-signin/63_workos.mdx b/docs/kratos/social-signin/63_workos.mdx index e68e34375..cc9a7c2c6 100644 --- a/docs/kratos/social-signin/63_workos.mdx +++ b/docs/kratos/social-signin/63_workos.mdx @@ -10,7 +10,9 @@ Follow these steps to add [WorkOS](https://workos.com/) as a social sign-in prov :::info -The provider configuration in Kratos needs to be set up for each of your Enterprise SAML/SSO clients. WorkOS is simply a connector that simplifies the SAML integration. The example below uses `demo-organization` but you would create one for each of your SAML organizations. +The provider configuration in Kratos needs to be set up for each of your Enterprise SAML/SSO clients. WorkOS is simply a connector +that simplifies the SAML integration. The example below uses `demo-organization` but you would create one for each of your SAML +organizations. ::: @@ -22,7 +24,8 @@ The provider configuration in Kratos needs to be set up for each of your Enterpr https://{host}/self-service/methods/oidc/callback/demo-organization ``` -3. Create a [Jsonnet code snippet](/docs/kratos/social-signin/generic#data-mapping) to map the desired claims to the Ory Identity schema. +3. Create a [Jsonnet code snippet](/docs/kratos/social-signin/generic#data-mapping) to map the desired claims to the Ory Identity + schema. 4. Encode the Jsonnet snippet with [Base64](https://www.base64encode.org/) or host it under an URL accessible to Ory Network. @@ -40,7 +43,8 @@ The provider configuration in Kratos needs to be set up for each of your Enterpr ory get identity-config {project-id} --format yaml > identity-config.yaml ``` -6. Add the social sign-in provider configuration to the downloaded config. Add the Jsonnet snippet with mappings as a Base64 string or provide an URL to the file. +6. Add the social sign-in provider configuration to the downloaded config. Add the Jsonnet snippet with mappings as a Base64 + string or provide an URL to the file. ```yaml selfservice: @@ -48,13 +52,13 @@ The provider configuration in Kratos needs to be set up for each of your Enterpr oidc: config: providers: - - id: demo-organization - provider: workos - client_id: client_00000000000000000 - client_secret: sk_... - workos_organization_id: org_000000000000000000 - mapper_url: "base64://..." - scope: [] + - id: demo-organization + provider: workos + client_id: client_00000000000000000 + client_secret: sk_... + workos_organization_id: org_000000000000000000 + mapper_url: "base64://..." + scope: [] enabled: true ```