7 lines
5.4 KiB
JavaScript
7 lines
5.4 KiB
JavaScript
import{_ as e,o,c as a,R as t}from"./chunks/framework.44fd0451.js";const g=JSON.parse('{"title":"","description":"","frontmatter":{},"headers":[],"relativePath":"en_US/guide/q8.md","filePath":"en_US/guide/q8.md","lastUpdated":1715651890000}'),c={name:"en_US/guide/q8.md"},n=t(`<p>If you encounter issues logging in as an administrator using Github, Gitlab, or Gitee, you may consider switching to Cloudflare Access as the OAuth2 provider.</p><h2 id="example-configuration" tabindex="-1">Example Configuration: <a class="header-anchor" href="#example-configuration" aria-label="Permalink to "Example Configuration:""></a></h2><div class="language-yaml"><button title="Copy Code" class="copy"></button><span class="lang">yaml</span><pre class="shiki material-theme-palenight"><code><span class="line"><span style="color:#F07178;">Oauth2</span><span style="color:#89DDFF;">:</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#F07178;">Admin</span><span style="color:#89DDFF;">:</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">701b9ea6-9f56-48cd-af3e-cbb4bfc1475c</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#F07178;">ClientID</span><span style="color:#89DDFF;">:</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">3516291f53eca9b4901a01337e41be7dc52f565c8657d08a3fddb2178d13c5bf</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#F07178;">ClientSecret</span><span style="color:#89DDFF;">:</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">0568b67c7b6d0ed51c663e2fe935683007c28f947a27b7bd47a5ad3d8b56fb67</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#F07178;">Endpoint</span><span style="color:#89DDFF;">:</span><span style="color:#A6ACCD;"> </span><span style="color:#89DDFF;">"</span><span style="color:#C3E88D;">https://xxxxx.cloudflareaccess.com</span><span style="color:#89DDFF;">"</span></span>
|
||
<span class="line"><span style="color:#A6ACCD;"> </span><span style="color:#F07178;">Type</span><span style="color:#89DDFF;">:</span><span style="color:#A6ACCD;"> </span><span style="color:#C3E88D;">cloudflare</span></span></code></pre></div><h2 id="configuration-description" tabindex="-1">Configuration Description: <a class="header-anchor" href="#configuration-description" aria-label="Permalink to "Configuration Description:""></a></h2><table><thead><tr><th>Parameter</th><th>Retrieval Method</th></tr></thead><tbody><tr><td>Admin</td><td><code>My Team</code> -> <code>Users</code> -> <code><specific user></code> -> <code>User ID</code></td></tr><tr><td>ClientID/ClientSecret</td><td><code>Access</code> -> <code>Application</code> -> <code>Add an Application</code> <br> -> <code>SaaS</code> -> <code>OIDC</code></td></tr><tr><td>Endpoint</td><td><code>Access</code> -> <code>Application</code> -> <code>Application URL</code> -> <code>Only keep the protocol and domain, no path</code></td></tr></tbody></table><h3 id="creating-a-saas-oidc-application" tabindex="-1">Creating a SaaS-OIDC Application <a class="header-anchor" href="#creating-a-saas-oidc-application" aria-label="Permalink to "Creating a SaaS-OIDC Application""></a></h3><p>Go to Zero Trust Dashboard: <a href="https://one.dash.cloudflare.com" target="_blank" rel="noreferrer">https://one.dash.cloudflare.com</a></p><ol><li><code>My Team</code> -> <code>Users</code> -> <code><specific user></code> -> Get <code>User ID</code> and save it;</li><li><code>Access</code> -> <code>Application</code> -> <code>Add an Application</code>;</li><li>Select <code>SaaS</code>, enter a custom application name (e.g., nezha) in <code>Application</code>, select <code>OIDC</code>, and click <code>Add application</code>;</li><li>In <code>Scopes</code>, select <code>openid</code>, <code>email</code>, <code>profile</code>, <code>groups</code>;</li><li>Fill in your CallBack URL in <code>Redirect URLs</code>, such as <code>https://dashboard.example.com/oauth2/callback</code>;</li><li>Record the <code>Client ID</code>, <code>Client Secret</code>, and the protocol and domain part of the <code>Issuer</code> URL, such as <code>https://xxxxx.cloudflareaccess.com</code>;</li><li>Edit the Dashboard configuration file (usually located at <code>/opt/nezha/dashboard/data/config.yaml</code>), modify the <code>Oauth2</code> configuration according to the example configuration, and restart the Dashboard service.</li></ol><h3 id="authentication-policy-configuration" tabindex="-1">Authentication Policy Configuration <a class="header-anchor" href="#authentication-policy-configuration" aria-label="Permalink to "Authentication Policy Configuration""></a></h3><p>After completing the Dashboard setup, you also need to configure the authentication policy in the Zero Trust Dashboard: <code>Access</code> -> <code>Applications</code> -> <code><application name></code> -> <code>Policies</code>. You can choose from over ten SSO authentication methods, including email OTP verification, hardware key verification, etc. For detailed configuration, please refer to the <a href="https://developers.cloudflare.com/cloudflare-one/" target="_blank" rel="noreferrer">Cloudflare Zero Trust documentation</a>.</p>`,10),s=[n];function i(l,d,r,p,h,u){return o(),a("div",null,s)}const y=e(c,[["render",i]]);export{g as __pageData,y as default};
|