Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docs: Hosted Authenticate Service capabilities page and sidebar #582

Merged
merged 13 commits into from
Apr 27, 2023
Merged

Docs: Hosted Authenticate Service capabilities page and sidebar #582

merged 13 commits into from
Apr 27, 2023

Conversation

ZPain8464
Copy link
Contributor

@ZPain8464 ZPain8464 commented Apr 21, 2023
edited
Loading

This PR adds a Hosted Authenticate Service capabilities page and sidebar slice.

This is a first draft. It could probably be more informative in sections like Less time to deploy and Privacy considerations.

Once a Hosted Authenticate URL reference page is live, it will also need to be linked here.

@ZPain8464 ZPain8464 added the docs label Apr 21, 2023
@ZPain8464 ZPain8464 requested a review from a team as a code owner April 21, 2023 18:34
@ZPain8464 ZPain8464 requested review from cmo-pomerium and removed request for a team April 21, 2023 18:34
@netlify
Copy link

netlify bot commented Apr 21, 2023
edited
Loading

Deploy Preview for pomerium-docs ready!

Name Link
🔨 Latest commit 39ce33d
🔍 Latest deploy log https://app.netlify.com/sites/pomerium-docs/deploys/644a8c0470b0bc00086f37aa
😎 Deploy Preview https://deploy-preview-582--pomerium-docs.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify site settings.

@ZPain8464 ZPain8464 changed the title Docs: adds capabilities page and sidebar Docs: Hosted Authenticate Service capabilities page and sidebar Apr 21, 2023
cmo-pomerium
cmo-pomerium approved these changes Apr 25, 2023
View reviewed changes
Copy link
Contributor

@cmo-pomerium cmo-pomerium left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I have copy reviewed. LGTM

calebdoxsey
calebdoxsey requested changes Apr 25, 2023
View reviewed changes
content/docs/capabilities/hosted-authenticate-service.md Outdated

### Zero configuration

Including the hosted authenticate URL in your configuration file authenticates your users against our hosted identity provider solution (we use Cognito).
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will default to the hosted authenticate URL, so, something like:

By default Pomerium will use the hosted identity provider if no authenticate_service_url is defined.

content/docs/capabilities/hosted-authenticate-service.md Outdated

Including the hosted authenticate URL in your configuration file authenticates your users against our hosted identity provider solution (we use Cognito).

This means you only need to include the hosted URL in your configuration file to use Pomerium's hosted services — no [identity provider configuration](/docs/identity-providers) required.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
This means you only need to include the hosted URL in your configuration file to use Pomerium's hosted services — no [identity provider configuration](/docs/identity-providers) required.
This means no [authenticate service URL](/docs/reference/authenticate-service-url) or [identity provider configuration](/docs/identity-providers) is required.

content/docs/capabilities/hosted-authenticate-service.md Outdated

## How to use the Hosted Authenticate Service

1. Include the Hosted Authenticate Service URL in your configuration file
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
1. Include the Hosted Authenticate Service URL in your configuration file

@wasaga
Copy link
Contributor

wasaga commented Apr 25, 2023

I think we need describe limitations using hosted authenticate.

  1. only google and email/password authentication is (currently) supported
  2. as hosted authenticate is severed from the pomerium installation, it is not possible to refresh session tokens, meaning the session would live for just about an hour, after which users would have to re-authenticate.

@ZPain8464
Copy link
Contributor Author

@desimone this PR now includes the following docs:

  • Hosted Authenticate and Self-Hosted Authenticate Service capabilities pages
  • Identity Provider Configuration copy update to include self-hosted IdP (index.md)
  • Hosted Authn notices that are included on IdP and Authn Service URL reference pages

@ZPain8464
Copy link
Contributor Author

@desimone did you want to look at this before merging?

@ZPain8464 ZPain8464 merged commit 7bf1673 into main Apr 27, 2023
@ZPain8464 ZPain8464 deleted the zpain/hosted-auth-capabilities branch April 27, 2023 15:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@calebdoxsey calebdoxsey calebdoxsey approved these changes

@cmo-pomerium cmo-pomerium cmo-pomerium approved these changes

@desimone desimone Awaiting requested review from desimone

Assignees
No one assigned
Labels
docs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@ZPain8464 @wasaga @calebdoxsey @cmo-pomerium