OpenID Connect Authentication

How to configure Bindplane to use OpenID Connect for Authentication

important

🚧 This feature is only available in Bindplane Enterprise and Bindplane for Google. Learn more here.

1. Prerequisites

Before beginning, ensure you have the following:

An OpenID Connect (OIDC) provider configured and available.
OAuth2 Client ID and Client Secret from your OIDC provider.

2. Configuration

Configuration Steps

Open the Bindplane configuration file (by default at /etc/bindplane/config.yaml).
Add or modify the following OIDC configuration settings:

yaml

1auth:
2  type: oidc
3  oidc:
4    issuer: "https://your-oidc-provider.com"
5    oauth2ClientID: "your-client-id"
6    oauth2ClientSecret: "your-client-secret"
7    scopes:
8      - openid
9      - profile
10      - email

Replace the placeholder values:
- issuer: Your OIDC provider's URL
- oauth2ClientID: OAuth2 client ID from your OIDC provider
- oauth2ClientSecret: OAuth2 client Secret from your OIDC provider
Restart Bindplane to apply the changes:

bash

1systemctl restart bindplane

Environment Variables

The same settings can also be provided using environment variables:

text

1BINDPLANE_OIDC_OAUTH2_CLIENT_ID=your-client-id
2BINDPLANE_OIDC_OAUTH2_CLIENT_SECRET=your-client-secret
3BINDPLANE_OIDC_ISSUER=https://your-oidc-provider.com
4BINDPLANE_OIDC_SCOPES=openid,profile,email

After configuration, users will be redirected to your OIDC provider for authentication when accessing Bindplane.

Updated 2 months ago