description |
---|
Learn How to Install Squidex Identity |
The Squidex Identity server is based on the Squidex Headless CMS. It implements the OpenID Connect and OAuth 2.0 protocols to act as a central, single sign-on server.
{% hint style="info" %} WARNING: Squidex Identity is no longer maintained. {% endhint %}
Clone the Squidex identity repository with the following command:
git clone https://github.com/Squidex/squidex-identity.git
You can create the App with predefined schemas either in the Cloud or in your custom installation:
Update the configuration with the URL to your Squidex instance along with the Client ID and Secret of the default client.
Update the configuration file at: Squidex.Identity/appsettings.json
.
"app": {
// ...
"url": "https://cloud.squidex.io",
"clientId": "identity:default",
"clientSecret": "xxx",
// ...
}
Of course, you can also use environment variables, e.g.
APP__URL=https://cloud.squidex.io
APP__CLIENTID=identity:default
APP__CLIENTSECRET=xxx
If you create an identity App in Squidex you will see a schema with the settings where you can upload a logo, footer text, privacy settings and so on.
Most settings are optional but you must setup credentials to an SMTP server.
Email Delivery Service:
If you want to use external authentication providers, you can set them up in the authentication schemes section. Here is an example for Google:
You have to create an OAuth 2.0-Client-IDs in the Google Developer console. You must define the redirect_uri
in this process and you must use http://localhost:3500/signin-google
.
The redirect URLs for other authentication providers are:
http://localhost:3500/signin-twitter
http://localhost:3500/signin-facebook
http://localhost:3500/signin-github
When you want to connect an external application to Squidex identity, you have to configure a client. This is a little bit complicated, but you can find all settings here: http://docs.identityserver.io/en/latest/reference/client.html
You can also setup Squidex as an external client, so that the same users can also login to manage content.
During first step, you have to create a new client:
In the second step you have to update the Squidex configuration at Squidex/appsettings.json
.
"identity": {
...
"oidcName": "selfHostedName",
"oidcAuthority": "http://localhost:3500/",
"oidcClient": "client:selfHosted",
"oidcSecret": "xxx",
...
}
Then you can register at Squidex identity.