Install Identity (Deprecated)
Squidex Identity server based on Squidex Headless CMS. It implements the OpenId Connect and OAuth 2.0 protocols to act as a central single sign on server.
WARNING: Squidex Identity is not maintained anymore.
Clone the Squidex identity repository with the following command:
git clone https://github.com/Squidex/squidex-identity.git
You can create the app with predefined schemas either in the cloud or in your custom installation:
%20(1)%20(1).png?alt=media)
Create Identity App
Update the configureation with the url to your Squidex instance and the client id and secret of the default client.
%20(1).png?alt=media)
Copy Default Client
Update the configuration file at:
Squidex.Identity/appsettings.json
"app": {
// ...
"url": "https://cloud.squidex.io",
"clientId": "identity:default",
"clientSecret": "xxx",
// ...
}
Of course you can also use environment variables, e.g.
APP__URL=https://cloud.squidex.io
APP__CLIENTID=identity:default
APP__CLIENTSECRET=xxx
If you create a identity app in Squidex you will see a schema with the settings, where you can upload a logo, footer text, privacy settings and so on.
Most settings are optional but you must setup credentials to an SMTP server.
%20(1)%20(1).png?alt=media)
Site Setting
Email Delivery Service:
If you want to use external authentication providers you can setup them in the authentication schemes section, here is an example for Google.
You have to create an OAuth 2.0-Client-IDs in the google developer console. You have to define the
redirect_uri
in this process and you must use http://localhost:3500/signin-google
the redirect URLs for other authentication providers are:
http://localhost:3500/signin-twitter
http://localhost:3500/signin-facebook
http://localhost:3500/signin-github
.png?alt=media)
Authentication Schemes
When you want to connect an external application to Squidex identity you have to configure a client. This is a little bit complicated, but you can find all settings here: http://docs.identityserver.io/en/latest/reference/client.html
You can also setup Squidex as an external client, so that the same users can also login to manage content.
In the first step you have to create a new client:
.png?alt=media)
Self-Hosted

Self-Hosted
In the second step you have to update the Squidex configuration at
Squidex/appsettings.json
"identity": {
...
"oidcName": "selfHostedName",
"oidcAuthority": "http://localhost:3500/",
"oidcClient": "client:selfHosted",
"oidcSecret": "xxx",
...
}
Then you can register at Squidex identity.
.png?alt=media)
Self-Hosted
Last modified 11mo ago