iam - Third party login

com.msgbyte.iam

The IAM plugin provides third-party login functionality

Currently supported:

github

Configuration Method

Github

Create an OAuth application in Github. Get Client ID and Client secrets

Configure the authorization callback address Authorization callback URL of the Github application to {API_URL}/api/plugin:com.msgbyte.iam/github/redirect. Note that API_URL is the value in the environment variable, and the two should be consistent.

Configure Tailchat environment variables:

IAM_GITHUB_ID
IAM_GITHUB_SECRET

Respectively, Client ID and Client secrets obtained before

You also can use env to overwrite uri, for example use proxy:
IAM_GITHUB_URI_AUTHORIZE=https://github.com/login/oauth/authorize
IAM_GITHUB_URI_ACCESS_TOKEN=https://github.com/login/oauth/access_token
IAM_GITHUB_URI_USERINFO=https://api.github.com/user

Security Protection

In order to prevent tokens from being obtained by malicious applications, it is recommended to add front-end domain name verification.

Just configure IAM_FE_URL in the environment variable, and the value is the front-end domain name. Such as: IAM_FE_URL=http://localhost:11011

for window.opener.postMessage(<data>, "IAM_FE_URL")

Configuration Method​

Github​

Security Protection​

Configuration Method

Github

Security Protection