Register Identity provider with Auth service
To enable the authentication through the identity provider, it needs to be registered with Auth service. In this tutorial, you will learn how to register the IdP for each authentication protocol.
Prerequisite
Tutorial steps
- Register IdP with the Auth service
- Apply the change using
tailorctl
1. Register IdP with the Auth service
Locate auth.cue file in the services/auth directory within your application.
This file contains the configuration for the Auth service.
1. OIDC
<span><span style="color: var(--shiki-token-keyword)">package</span><span style="color: var(--shiki-color-text)"> auth</span></span>
<span></span>
<span><span style="color: var(--shiki-token-keyword)">import</span><span style="color: var(--shiki-color-text)"> (</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">github.com/tailor-platform/tailorctl/schema/v2/auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">github.com/tailor-platform/tailorctl/schema/v2/secretmanager</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/environment</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/services/tailordb</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> tailordbType </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/services/tailordb/type</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)">)</span></span>
<span></span>
<span><span style="color: var(--shiki-color-text)">auth.#Spec </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Namespace: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">my-auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> IdProviderConfigs: [</span></span>
<span><span style="color: var(--shiki-color-text)"> auth.#IDProviderConfig </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Name: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">ims-auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> Config: auth.#OIDC </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> ClientID: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)"><oidc-client-id></span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> ClientSecret: secretmanager.#SecretValue </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> VaultName: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)"><vault-name></span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> SecretKey: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)"><client-secret-key></span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> ProviderURL: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">https://YOUR-AUTH0-DOMAIN.us.auth0.com</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span><span style="color: var(--shiki-token-punctuation)">,</span></span>
<span><span style="color: var(--shiki-color-text)"> ]</span></span>
<span><span style="color: var(--shiki-color-text)"> UserProfileProvider: auth.#UserProfileProviderType.TailorDB</span></span>
<span><span style="color: var(--shiki-color-text)"> UserProfileProviderConfig: auth.#TailorDBProviderConfig </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Namespace: tailordb.Namespace</span></span>
<span><span style="color: var(--shiki-color-text)"> Type: tailordbType.User.Name</span></span>
<span><span style="color: var(--shiki-color-text)"> UsernameField: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">email</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> AttributesFields: [</span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">userAttributes</span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-color-text)">]</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)">}</span></span>
<span></span>Replace the ClientID and ProviderURL with your Auth0 values.
Also, you need to store your ClientSecret in the secret manager.
To store the secret, you need to create a vault and a key in the secret manager.
Run the following command to create a vault.
<span><span style="color: var(--shiki-token-function)">tailorctl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">workspace</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">vault</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">create</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--name</span><span style="color: var(--shiki-color-text)"> ${vault-name}</span></span>
<span></span>Your vault name can only contain lowercase letters (a-z), numbers (0-9), and hyphens (-). It must start and end with a letter or number and be between 2 and 62 characters long.
Run the following command to store the secret with a key in the vault.
<span><span style="color: var(--shiki-token-function)">tailorctl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">workspace</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">vault</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">secret</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">create</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--vault</span><span style="color: var(--shiki-color-text)"> ${vault-name} </span><span style="color: var(--shiki-token-string)">--name</span><span style="color: var(--shiki-color-text)"> ${key} </span><span style="color: var(--shiki-token-string)">--value</span><span style="color: var(--shiki-color-text)"> ${client-secret}</span></span>
<span></span>2. SAML
<span><span style="color: var(--shiki-token-keyword)">package</span><span style="color: var(--shiki-color-text)"> auth</span></span>
<span></span>
<span><span style="color: var(--shiki-token-keyword)">import</span><span style="color: var(--shiki-color-text)"> (</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">github.com/tailor-platform/tailorctl/schema/v2/auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">github.com/tailor-platform/tailorctl/schema/v2/secretmanager</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/environment</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/services/tailordb</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> tailordbType </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/services/tailordb/type</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)">)</span></span>
<span></span>
<span><span style="color: var(--shiki-color-text)">auth.#Spec </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Namespace: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">my-auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> IdProviderConfigs: [</span></span>
<span><span style="color: var(--shiki-color-text)"> auth.#IDProviderConfig </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Name: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">ims-auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> Config: auth.#SAML </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> MetadataURL: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)"><metadata_url></span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> SpCertBase64: secretmanager.#SecretValue </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> VaultName: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">default</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> SecretKey: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">saml-cert</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> SpKeyBase64: secretmanager.#SecretValue </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> VaultName: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">default</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> SecretKey: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">saml-key</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span><span style="color: var(--shiki-token-punctuation)">,</span></span>
<span><span style="color: var(--shiki-color-text)"> ]</span></span>
<span><span style="color: var(--shiki-color-text)"> UserProfileProvider: auth.#UserProfileProviderType.TailorDB</span></span>
<span><span style="color: var(--shiki-color-text)"> UserProfileProviderConfig: auth.#TailorDBProviderConfig </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Namespace: tailordb.Namespace</span></span>
<span><span style="color: var(--shiki-color-text)"> Type: tailordbType.User.Name</span></span>
<span><span style="color: var(--shiki-color-text)"> UsernameField: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">email</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> AttributesFields: [</span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">userAttributes</span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-color-text)">]</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)">}</span></span>
<span></span>To locate your MetadataURL, scroll to the bottom of the Settings page of the application and click on Advanced Settings. Then, select the Endpoints tab and locate SAML Metadata URL.
Replace the MetadataURL in auth.cue with your Auth0 values.
To create your own certificate and key and store it in vault, follow the steps mentioned below.
- You need to create an RSA private key to create your certificate signing request (CSR). To create your private key, use the openssl genrsa command:
<span><span style="color: var(--shiki-token-function)">openssl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">genrsa</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-constant)">2048</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-keyword)">></span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">privatekey.pem</span></span>
<span></span>- A CSR is a file you send to a certificate authority (CA) to apply for a digital server certificate. To create a CSR, use the openssl req command:
<span><span style="color: var(--shiki-token-function)">openssl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">req</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-new</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-key</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">privatekey.pem</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-out</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">csr.pem</span></span>
<span></span>- To sign the certificate, use the openssl x509 command:
<span><span style="color: var(--shiki-token-function)">openssl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">x509</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-req</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-days</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-constant)">365</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-in</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">csr.pem</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-signkey</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">privatekey.pem</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-out</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">public.crt</span></span>
<span></span>Next, you need to store your SpCertBase64 and SpKeyBase64 in the secret manager.
To store the secret, you need to create a vault and a key in the secret manager.
Create a vaultnamed default by running the following command.
<span><span style="color: var(--shiki-token-function)">tailorctl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">workspace</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">vault</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">create</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--name</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">default</span></span>
<span></span>Your vault name can only contain lowercase letters (a-z), numbers (0-9), and hyphens (-). It must start and end with a letter or number and be between 2 and 62 characters long.
Run the following commands to store SAML certificate and key in the vault.
<span><span style="color: var(--shiki-token-function)">tailorctl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">workspace</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">vault</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">secret</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">create</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--name</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">saml-cert</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--vault</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">default</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--value</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string-expression)">$(</span><span style="color: var(--shiki-token-function)">cat</span><span style="color: var(--shiki-token-string-expression)"> </span><span style="color: var(--shiki-token-string)">public.crt</span><span style="color: var(--shiki-token-string-expression)"> </span><span style="color: var(--shiki-token-keyword)">|</span><span style="color: var(--shiki-token-string-expression)"> </span><span style="color: var(--shiki-token-function)">base64</span><span style="color: var(--shiki-token-string-expression)">)</span></span>
<span><span style="color: var(--shiki-token-function)">tailorctl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">workspace</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">vault</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">secret</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">create</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--name</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">saml-key</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--vault</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">default</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">--value</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string-expression)">$(</span><span style="color: var(--shiki-token-function)">cat</span><span style="color: var(--shiki-token-string-expression)"> </span><span style="color: var(--shiki-token-string)">privatekey.pem</span><span style="color: var(--shiki-token-string-expression)"> </span><span style="color: var(--shiki-token-keyword)">|</span><span style="color: var(--shiki-token-string-expression)"> </span><span style="color: var(--shiki-token-function)">base64</span><span style="color: var(--shiki-token-string-expression)">)</span></span>
<span></span>3. ID Token
<span><span style="color: var(--shiki-token-keyword)">package</span><span style="color: var(--shiki-color-text)"> auth</span></span>
<span></span>
<span><span style="color: var(--shiki-token-keyword)">import</span><span style="color: var(--shiki-color-text)"> (</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">github.com/tailor-platform/tailorctl/schema/v2/auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/services/tailordb</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> tailordbType </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/services/tailordb/type</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">tailor.build/template/environment</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)">)</span></span>
<span></span>
<span><span style="color: var(--shiki-color-text)">auth.#Spec </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Namespace: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">my-auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> IdProviderConfigs: [</span></span>
<span><span style="color: var(--shiki-color-text)"> auth.#IDProviderConfig </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Name: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">ims-auth</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> Config: auth.#IDToken </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> ClientID: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">ulIr9rgHeytUQYSRl9j2WvrwPJn9XaXx</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> ProviderURL: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">https://dev-uriukbxe1n5cqxwz.us.auth0.com/</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span><span style="color: var(--shiki-token-punctuation)">,</span></span>
<span><span style="color: var(--shiki-color-text)"> ]</span></span>
<span><span style="color: var(--shiki-color-text)"> UserProfileProvider: auth.#UserProfileProviderType.TailorDB</span></span>
<span><span style="color: var(--shiki-color-text)"> UserProfileProviderConfig: auth.#TailorDBProviderConfig </span><span style="color: var(--shiki-token-keyword)">&</span><span style="color: var(--shiki-color-text)"> {</span></span>
<span><span style="color: var(--shiki-color-text)"> Namespace: tailordb.Namespace</span></span>
<span><span style="color: var(--shiki-color-text)"> Type: tailordbType.User.Name</span></span>
<span><span style="color: var(--shiki-color-text)"> UsernameField: </span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">email</span><span style="color: var(--shiki-color-text)">"</span></span>
<span><span style="color: var(--shiki-color-text)"> AttributesFields: [</span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-token-string-expression)">userAttributes</span><span style="color: var(--shiki-color-text)">"</span><span style="color: var(--shiki-color-text)">]</span></span>
<span><span style="color: var(--shiki-color-text)"> }</span></span>
<span><span style="color: var(--shiki-color-text)">}</span></span>
<span></span>Replace the ClientID and ProviderURL with your Auth0 values.
2. Apply the change using tailorctl
Generate new workspace CUE file and apply the Auth changes.
<span><span style="color: var(--shiki-token-function)">tailorctl</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">workspace</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">apply</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">-m</span><span style="color: var(--shiki-color-text)"> </span><span style="color: var(--shiki-token-string)">./workspace.cue</span></span>
<span></span>You can now use your Auth service to manage access to resources.
Learn more
- In the Create user tutorial, we explain how to create users in your application.
- Create an OAuth2 client to securely authenticate and authorize access to your data.