This charm is used to configure an Ory Kratos charm to use an external provider.
Before deploying this charm you should register an OIDC client with the provider you wish to use. Instructions for registering a client for some well-known providers can be found below. Instructions for a larger list of providers can be found at the Ory Kratos docs.
Note that after registering a client you will need to provide a redirect_uri to the provider. It can be fetched once the integrator charm is deployed.
Instructions for registering a client on Azure AD can be found here.
Instructions for registering a client on Okta can be found here.
For the kratos-external-idp-integrator charm to be operative, you need to deploy it, configure it and integrate it with the kratos charm:
juju deploy kratos-external-idp-integrator
juju config kratos-external-idp-integrator \
client_id={client_id} \
client_secret={client_secret} \
provider={provider}
juju integrate kratos-external-idp-integrator kratos
Note that depending on the type of the provider different configurations may be necessary.
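Added example, not part of the charm's own documentation: passing client_secret as a command-line argument leaves it in shell history and in the process list, so this sketch writes the same three options to an owner-only YAML file instead. The helper names write_idp_config and yaml_quote are hypothetical, and it assumes the file is applied with juju config's --file option, with the options keyed by application name.

```shell
#!/bin/sh
# Added example: keep client_secret out of shell history and `ps` output by
# writing the charm options to a mode-0600 YAML file.

APP=kratos-external-idp-integrator

# Emit a YAML single-quoted scalar; its only escape is doubling a quote.
yaml_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/''/g")"
}

# write_idp_config FILE CLIENT_ID CLIENT_SECRET PROVIDER
write_idp_config() {
    (
        umask 077              # a newly created file is owner-only
        : > "$1"               # create or truncate before any secret is written
        chmod 600 "$1"         # tighten a pre-existing file as well
        {
            printf '%s:\n' "$APP"
            printf '  client_id: %s\n' "$(yaml_quote "$2")"
            printf '  client_secret: %s\n' "$(yaml_quote "$3")"
            printf '  provider: %s\n' "$(yaml_quote "$4")"
        } >> "$1"
    )
}

# Interactive use (assumed workflow, not executed by this block):
#   printf 'client secret: '; stty -echo; IFS= read -r secret; stty echo; echo
#   cfg=$(mktemp)
#   write_idp_config "$cfg" "$client_id" "$secret" "$provider"
#   juju config "$APP" --file "$cfg"
#   rm -f "$cfg"
```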
After deploying, configuring and integrating the integrator charm, its status will change to active. Now you can get the redirect_uri by running:
juju run {unit_name} get-redirect-uri --wait
To disable the provider, i.e. remove it from Kratos, run:
juju config kratos-external-idp-integrator enabled=false
To enable a provider that has been disabled, you need to run:
juju config kratos-external-idp-integrator enabled=true
Please see the Juju SDK docs for guidelines on enhancements to this charm following best practice guidelines, and CONTRIBUTING.md for developer guidance.