3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-29 10:26:29 +02:00
Code Issues Projects Releases Packages Wiki Activity

docs: use standard langauge for lists (#1590)

Browse source 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
This commit is contained in:
bobby 2020-11-12 14:44:00 -08:00 committed by GitHub
parent c199909032
commit f604a3e87a
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 10 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
docs/reference/readme.md
View file

@ -655,7 +655,7 @@ See [identity provider] for details.
### Identity Provider Scopes
- Environmental Variable: `IDP_SCOPES`
- Config File Key: `idp_scopes`
- Type: `[]string` comma separated list of oauth scopes.
- Type: list of `strings`
- Default: `oidc`,`profile`, `email`, `offline_access` (typically)
- Optional for built-in identity providers.
@ -667,6 +667,12 @@ If you are using a built-in provider, you probably don't want to set customized
:::
:::warning
Some providers, like Amazon Cognito, _do not_ support the `offline_access` scope.
:::
### Identity Provider Service Account
- Environmental Variable: `IDP_SERVICE_ACCOUNT`
@ -953,7 +959,7 @@ A list of policy configuration variables follows.
### Allowed Domains
- `yaml`/`json` setting: `allowed_domains`
- Type: collection of `strings`
- Type: list of `strings`
- Required
- Example: `pomerium.io` , `gmail.com`
@ -962,7 +968,7 @@ Allowed domains is a collection of whitelisted domains to authorize for a given
### Allowed Groups
- `yaml`/`json` setting: `allowed_groups`
- Type: collection of `strings`
- Type: list of `strings`
- Required
- Example: `admins` , `support@company.com`
@ -971,7 +977,7 @@ Allowed groups is a collection of whitelisted groups to authorize for a given ro
### Allowed Users
- `yaml`/`json` setting: `allowed_users`
- Type: collection of `strings`
- Type: list of `strings`
- Required
- Example: `alice@pomerium.io` , `bob@contractor.co`

2
examples/config/config.example.env
View file

@ -60,8 +60,6 @@ export IDP_PROVIDER_URL="https://accounts.google.com" # optional for google
# export IDP_CLIENT_SECRET="REPLACEME"
# export IDP_PROVIDER_URL="https://openid-connect.onelogin.com/oidc" #optional, defaults to `https://openid-connect.onelogin.com/oidc`
# export SCOPE="openid email" # generally, you want the default OIDC scopes
# Proxied routes and per-route policies are defined in a policy provided either
# directly as a base64 encoded yaml/json file, or as the policy key in the configuration
# file

2
examples/config/config.example.yaml
View file

@ -70,8 +70,6 @@ authenticate_service_url: https://authenticate.corp.beyondperimeter.com
# idp_client_secret: "REPLACEME"
# idp_provider_url: "https://openid-connect.onelogin.com/oidc" #optional, defaults to `https://openid-connect.onelogin.com/oidc`
# scope: "openid email" # generally, you want the default OIDC scopes
# For Group data you must set an IDP_SERVICE_ACCOUNT
# idp_service_account: YOUR_SERVICE_ACCOUNT