29 lines
1.6 KiB
Markdown
29 lines
1.6 KiB
Markdown
## 示例配置:
|
||
|
||
```yaml
|
||
Oauth2:
|
||
Admin: 701b9ea6-9f56-48cd-af3e-cbb4bfc1475c
|
||
ClientID: 3516291f53eca9b4901a01337e41be7dc52f565c8657d08a3fddb2178d13c5bf
|
||
ClientSecret: 0568b67c7b6d0ed51c663e2fe935683007c28f947a27b7bd47a5ad3d8b56fb67
|
||
Endpoint: "https://akkia.cloudflareaccess.com"
|
||
Type: cloudflare
|
||
```
|
||
|
||
## 配置说明:
|
||
|
||
| 参数 | 获取方式 |
|
||
|-----------------------|-----------------------------------------------------------------------------|
|
||
| Admin | `My Team` -> `Users` -> `<具体用户>` -> `User ID` |
|
||
| ClientID/ClientSecret | `Access` -> `Application` -> `Add an Application` <br/> -> `SaaS` -> `OIDC` |
|
||
| Endpoint | `Access` -> `Application` -> `Application URL` -> `只保留协议+域名的部分,路径不需要` |
|
||
|
||
### 新建SaaS-OIDC应用流程
|
||
|
||
Zero Trust Dashboard: https://one.dash.cloudflare.com
|
||
|
||
1. `Access` -> `Application` -> `Add an Application`;
|
||
2. 选择 `SaaS`,在`Application`中输入自定义的应用名称(例如nezha),选择`OIDC`后点击`Add application`;
|
||
3. `Scopes`选择`openid`, `email`, `profile`, `groups`;
|
||
4. `Redirect URLs`填写你的CallBack地址,例如 `https://monitor.example.com/oauth2/callback`;
|
||
5. 记录`Client ID`、`Client Secret`、`Issuer`地址中协议与域名的部分,例如`https://akkia.cloudflareaccess.com`
|
||
6. 编辑Dashboard配置文件(通常在`/opt/nezha/dashboard/data/config.yaml)`,参考示例配置修改`Oauth2`配置,并重启Dashboard服务 |