OAuth2.0 Configuration and Authentication

Currently Kato supports Github Gitlab Gitee, three Oauth types that support Git repository docking, and DingTalk, and Alibaba Cloud, two Oauth types that only support the login function. If you need more types, you need to refer to use cases to expand or contribute code. Reference implementation

All Oauth types supported by Kato need to be configured normally before they can be used normally. For example, Github Gitlab Gitee needs to be granted permission to obtain code repository lists, and Dingding and Alibaba Cloud need to grant permission to obtain user information. For details, refer to the following documentation:

Github Configuration Instructions

Go to Settings→Developer settings→OAuth Apps→New OAuth App
  • Application name: Client name, users can define by themselves
  • Homepage URI: Kato service homepage, such as https://gridworkz
  • Authorization callback URL: Rebound path, this path is used to receive the credentials returned by the third-party platform, homepage+/console/oauth/redirect, such as https://gridworkz/console/oauth/redirect
  • Permission setting: The permission setting of github is specified by the scope parameter in the authentication url, and it does not need to be specified when registering the client.

Gitlab Configuration Instructions

Enter User Settings→Applications
  • Name: Client name, users can define by themselves
  • Redirect URI: Redirection path This path is used to receive the credentials returned by the third-party platform homepage+/console/oauth/redirect such as https://gridworkz/console/oauth/redirect
  • Permission setting: gitlab permission setting needs to specify api, read_user, read_repository

Gitee Configuration Instructions

Go to Settings→Third Party Application→Create Application
  • App name: Client name, users can define by themselves
  • Application homepage: Kato service homepage such as https://gridworkz
  • Application callback address: Jump back path This path is used to receive the credentials returned by the third-party platform homepage+/console/oauth/redirect For example, https://gridworkz/console/oauth/redirect
  • Permission settings: gitee permission settings need to specify user_info, projects, hook

Certification on Kato Platform

Only Enterprise Administrators Can Operate

Enter Kato homepage enterprise view Settings-->Enable OAuth interconnection service

Fill in the registered Client ID and Client Secret, select the corresponding OAuth type, and click OK. At this time, users under the enterprise can log in using the OAuth2.0 protocol (custom oauth authentication service) Need to fill in authentication api, scope, token api, user information api and other information)

OAuth Service Authentication

After configuring the Oauth service, you can perform OAuth service authentication in the user information in the upper right corner of the platform, and interconnect with third-party platforms