OAuth is an open standard for token-based authentication and authorization which is used to provide Single Sign-On (SSO). Bytebase supports popular OAuth 2.0 providers (GitHub, Google, GitLab) and custom providers.
In the creating SSO dialog, you need to fill following fields:
Google
will be shown as Sign in with Google
)google-fsgs
)google.com
, optional)The information is the base concept of OAuth 2.0 and comes from your provider.
client_id
and client_secret
will be sending in the POST body as application/x-www-form-urlencoded parameters.client_id
and client_secret
will be sending in HTTP Basic Authorization. This is an optional style described in the OAuth2 RFC 6749 section 2.3.1.For different providers, the structures returned by their user information API are usually not the same. That’s why you need to fill an information mapping form for mapping user information into Bytebase user fields.
Bytebase uses the mapping to import user profile fields when creating new accounts.
The most important information is Bytebase user's email
. It identifies the Bytebase account associated with the OAuth 2.0 login.
OAuth 2.0 usually requires an authorization callback url in the configuration. Please make sure the —external-url is set correctly.
If you start Bytebase with --external-url http://bytebase.example.com
, then the authorization callback URL will be http://bytebase.example.com/oauth/callback
.
Bytebase provides templates for configuring built-in OAuth providers.
Follow the Using OAuth 2.0 to Access Google APIs to create OAuth 2.0 client credentials in Google API Console.
Open creating SSO dialog and select the Google template.
Update the Client ID and Client secret fields with the OAuth 2.0 client credential you just created.
After filling in all the required fields, try to click Test connection.
If everything is OK, click the Create button.
Follow Creating an OAuth App in GitHub to create an OAuth app in GitHub, where you replace YOUR_EXTERNAL_URL
in the image below with the external URL you configured in Bytebase Workspace.
Open creating SSO dialog and select the GitHub template.
Update the Client ID and Client secret fields with the GitHub OAuth App you just created.
After filling in all the required fields, try to click Test connection.
If everything is OK, click the Create button.
Go to your GitHub Public profile, make sure your Public email is set to the email you intend to use for SSO. Otherwise, the SSO will not work.Add commentMore actions
Follow Configure GitLab as an OAuth 2.0 authentication identity provider to create an OAuth 2 application in GitLab.
Open creating SSO dialog and select the GitLab template.
Update the Client ID and Client secret fields with the GitLab OAuth 2 application you just created.
After filling in all the required fields, try to click Test connection.
If everything is OK, click the Create button.
Follow the Register an application with the Microsoft identity platform to create an Application in Microsoft Entra admin center.
Create a client secret in the Client credentials tab.
Open creating SSO dialog and select the Microsoft Entra template.
Update the Client ID, Client secret and the Endpoints fields with the OAuth 2.0 client credential you just created.
After filling in all the required fields, try to click Test connection.
If everything is OK, click the Create button.
OAuth is an open standard for token-based authentication and authorization which is used to provide Single Sign-On (SSO). Bytebase supports popular OAuth 2.0 providers (GitHub, Google, GitLab) and custom providers.
In the creating SSO dialog, you need to fill following fields:
Google
will be shown as Sign in with Google
)google-fsgs
)google.com
, optional)The information is the base concept of OAuth 2.0 and comes from your provider.
client_id
and client_secret
will be sending in the POST body as application/x-www-form-urlencoded parameters.client_id
and client_secret
will be sending in HTTP Basic Authorization. This is an optional style described in the OAuth2 RFC 6749 section 2.3.1.For different providers, the structures returned by their user information API are usually not the same. That’s why you need to fill an information mapping form for mapping user information into Bytebase user fields.
Bytebase uses the mapping to import user profile fields when creating new accounts.
The most important information is Bytebase user's email
. It identifies the Bytebase account associated with the OAuth 2.0 login.
OAuth 2.0 usually requires an authorization callback url in the configuration. Please make sure the —external-url is set correctly.
If you start Bytebase with --external-url http://bytebase.example.com
, then the authorization callback URL will be http://bytebase.example.com/oauth/callback
.
Bytebase provides templates for configuring built-in OAuth providers.
Follow the Using OAuth 2.0 to Access Google APIs to create OAuth 2.0 client credentials in Google API Console.
Open creating SSO dialog and select the Google template.
Update the Client ID and Client secret fields with the OAuth 2.0 client credential you just created.
After filling in all the required fields, try to click Test connection.
If everything is OK, click the Create button.
Follow Creating an OAuth App in GitHub to create an OAuth app in GitHub, where you replace YOUR_EXTERNAL_URL
in the image below with the external URL you configured in Bytebase Workspace.
Open creating SSO dialog and select the GitHub template.
Update the Client ID and Client secret fields with the GitHub OAuth App you just created.
After filling in all the required fields, try to click Test connection.
If everything is OK, click the Create button.
Go to your GitHub Public profile, make sure your Public email is set to the email you intend to use for SSO. Otherwise, the SSO will not work.Add commentMore actions
Follow Configure GitLab as an OAuth 2.0 authentication identity provider to create an OAuth 2 application in GitLab.
Open creating SSO dialog and select the GitLab template.
Update the Client ID and Client secret fields with the GitLab OAuth 2 application you just created.
After filling in all the required fields, try to click Test connection.
If everything is OK, click the Create button.
Follow the Register an application with the Microsoft identity platform to create an Application in Microsoft Entra admin center.
Create a client secret in the Client credentials tab.
Open creating SSO dialog and select the Microsoft Entra template.
Update the Client ID, Client secret and the Endpoints fields with the OAuth 2.0 client credential you just created.
After filling in all the required fields, try to click Test connection.
If everything is OK, click the Create button.