Skip to content

config properties third_party

GitHub Action edited this page Jan 8, 2025 · 9 revisions

Version

v1.3.2

third_party Type

object (third_party)

third_party Properties

Property Type Required Nullable Defined by
providers object Optional cannot be null Config
custom_providers object Optional cannot be null Config
redirect_url string Optional cannot be null Config
error_redirect_url string Optional cannot be null Config
default_redirect_url string Optional cannot be null Config
allowed_redirect_urls array Optional cannot be null Config

providers

providers contains the configurations for the available OAuth/OIDC identity providers.

providers

  • is optional

  • cannot be null

providers Type

object (providers)

custom_providers

`custom_providers contains the configurations for custom OAuth/OIDC identity providers.

custom_providers

  • is optional

  • cannot be null

custom_providers Type

object (custom_providers)

redirect_url

redirect_url is the URL the third party provider redirects to with an authorization code. Must consist of the base URL of your running Hanko backend instance and the callback endpoint of the API, i.e. {YOUR_BACKEND_INSTANCE}/thirdparty/callback.

Required if any of the providers are enabled.

redirect_url

  • is optional

  • cannot be null

redirect_url Type

string

redirect_url Examples

https://yourinstance.com/thirdparty/callback

error_redirect_url

error_redirect_url is the URL the backend redirects to if an error occurs during third party sign-in. Errors are provided as 'error' and 'error_description' query params in the redirect location URL.

When using the Hanko web components it should be the URL of the page that embeds the web component such that errors can be processed properly by the web component.

You do not have to add this URL to the 'allowed_redirect_urls', it is automatically included when validating redirect URLs.

Required if any of the providers are enabled. Must not have trailing slash.

error_redirect_url

  • is optional

  • cannot be null

error_redirect_url Type

string

default_redirect_url

default_redirect_url is the URL the backend redirects to after it successfully verified the response from any third party provider.

Must not have trailing slash.

default_redirect_url

  • is optional

  • cannot be null

default_redirect_url Type

string

allowed_redirect_urls

allowed_redirect_urls is a list of URLs the backend is allowed to redirect to after third party sign-in was successful.

Supports wildcard matching through globbing. e.g. https://*.example.com will allow https://foo.example.com and https://bar.example.com to be accepted.

Globbing is also supported for paths, e.g. https://foo.example.com/* will match https://foo.example.com/page1 and https://foo.example.com/page2.

A double asterisk (**) acts as a "super"-wildcard/match-all.

See here for more on globbing.

Must not be empty if any of the providers are enabled. URLs in the list must not have a trailing slash.

allowed_redirect_urls

  • is optional

  • cannot be null

allowed_redirect_urls Type

string[]

allowed_redirect_urls Constraints

minimum number of items: the minimum number of items for this array is: 1

Clone this wiki locally