config
config: {
authentication_portals?: {
cookie_config?: {
domains?: Record<
string,
{ insecure?: boolean; lifetime?: number; same_site?: string },
>;
insecure?: boolean;
lifetime?: number;
path?: string;
same_site?: string;
};
identity_providers?: string[];
identity_stores?: string[];
name: string;
ui?: { custom_css?: string; logo_url?: string; theme?: string };
user_transformer_configs?: Record<string, unknown>[];
}[];
authorization_policies?: {
access_list_rules?: {
action?: "allow"
| "deny";
comment?: string;
conditions?: string[];
}[];
bypass_configs?: { match_type: string; uri?: string }[];
crypto_key_configs?: { source?: string; token_name?: string }[];
name: string;
}[];
credentials?: { generic?: Record<string, unknown> };
identity_providers?: {
kind: "oauth";
name: string;
params:
| objectOutputType<
{
authorization_url: ZodOptional<ZodString>;
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<ZodString, "many">>;
token_url: ZodOptional<ZodString>;
},
ZodTypeAny,
"passthrough",
>
| objectOutputType<
{
client_id: ZodOptional<ZodString>;
client_secret: ZodOptional<ZodString>;
driver: ZodOptional<ZodString>;
metadata_url: ZodOptional<ZodString>;
realm: ZodOptional<ZodString>;
scopes: ZodOptional<ZodArray<ZodString, "many">>;
},
ZodTypeAny,
"passthrough",
>;
}[];
identity_stores?: (
| {
kind: "local";
name: string;
params: { path: string; realm?: string };
}
| {
kind: "ldap";
name: string;
params: {
bind_password?: string;
bind_username?: string;
groups?: { dn: string; roles?: (...)
| (...) }[];
realm?: string;
search_base_dn?: string;
search_user_filter?: string;
servers?: { address: string; port?: (...) | (...) }[];
} & { [k: string]: unknown };
}
)[];
}
Options for building a complete security app configuration