Single Sign-On (or SSO) allows you to manage your organization’s entire membership via a third party provider.

Behaviour

Supports multiple authentication schemes:

  • Signup/login with username/e-mail and password
  • Signup with LDAP
  • Signup/Login with Github accounts
  • Signup/Login with Gitlab accounts
  • Signup/Login with Bitbucket accounts
  • Signup/Login with Microsoft (Office 365, Azure) accounts
  • Connecting more than one social account to an account based on email/username

Default Membership

Every member who creates a new account via SSO will be given access to the platform with a user role.

Providers

LDAP

In order to use LDAP with Polyaxon you need to provide a list of configuration parameters during the deployment:

auth:
  ldap:
    enabled: true
    serverUri:
    globalOptions: {}
    connectionOptions: {}
    bindDN:
    bindPassword:
    userSearchBaseDN:
    userSearchFilterStr:
    userDNTemplate:
    startTLS: false
    userAttrMap: {}
    groupSearchBaseDN:
    groupSearchGroupType:
    requireGroup:
    denyGroup:

Github

You need to register a new application on github.

You should provide a callback URL: [Domain/IP]/oauth/github

And use your client id and secret token during the deployment:

auth:
  github:
    enabled: true
    clientId:
    clientSecret:

Gitlab

You need to register a new application on gitlab.

You should provide a callback URL: [Domain/IP]/oauth/gitlab

And use your client id and secret token during the deployment:

auth:
  gitlab:
    enabled: true
    clientId:
    clientSecret:

If you have an on-premise Gitlab installation you can additionally provide your Gitlab url:

auth:
  gitlab:
    enabled: true
    clientId:
    clientSecret:
    url:

Bitbucket

You need to register a new application on bitbucket.

You should provide a callback URL: [Domain/IP]/oauth/bitbucket

And use your client id and secret token during the deployment:

auth:
  bitbucket:
    enabled: true
    clientId:
    clientSecret:

Microsoft (Azure)

You need to register a new application on Azure.

You will need to provide a reply URL: [Domain/IP]/oauth/azure

And use your client id and secret token during the deployment:

auth:
  azure:
    enabled: true
    tenantId:
    clientId:
    clientSecret:

Signup/Login

Once you set one or all of these providers your users will be able to signup/login based on any of these providers.

Signup page

signup

Login page

login