IdentityProvider
Defines the high-level intent for a customer-facing identity provider.
Translates into identity platform configurations, supporting social sign-in (Google, GitHub, etc.), email/password, and other standard identity protocols, driving authentication flows and branding for end-user applications.
| Property | Type | Description |
|---|---|---|
| apiVersion | string | |
| kind | string | |
| metadata | map | |
| spec | Spec | |
Spec
Contains the user-defined configuration for the identity provider.
Encapsulates configuration for supported login methods, user flow permissions (signup/deletion), and visual branding elements.
| Property | Type | Description |
|---|---|---|
| description | string | This description is optional but will drastically improve the AI assistant's understanding of the structural elements of the organization. |
| disabled | bool | If true, this identity provider configuration will be disabled. |
| permissions | Permissions | |
| displayName | string | The display name for the identity provider, which will be shown to end-users on the login page. |
| mode | string | Defines the way social sign-in is handled. Possible values are 'POPUP' and 'REDIRECT'. |
| providers | Providers | A block to enable or disable specific third-party identity providers. For each provider set to true, the identity provider configuration is updated, and the platform expects corresponding client StateID and secret to be present in the centralized secret manager. |
| termsOfService | string | A URL to the terms of service document for the application. If absolute, it must use the https scheme. If relative, it must be relative to the domain where the application is hosted. |
| privacyPolicy | string | A URL to the privacy policy document for the application. If absolute, it must use the https scheme. If relative, it must be relative to the domain where the application is hosted. |
| logoUrl | string | A URL to the logo that will be displayed on the sign-in page. |
| iconUrl | string | A URL to the icon that will be displayed on the sign-in page. |
| buttonColor | string | The color of the button used on the sign-in page for this provider. This MUST be a hex color code. |
Permissions
| Property | Type | Description |
|---|---|---|
| disableUserSignup | bool | If true, end-users will not be able to sign up for a new account using this provider. |
| disableUserDeletion | bool | If true, end-users will not be able to delete their own account using this provider. Disabling user deletion will prevent GDPR compliance. |
Providers
| Property | Type | Description |
|---|---|---|
| anonymous | bool | |
| password | bool | |
| phone | bool | |
| google | bool | |
| apple | bool | |
| facebook | bool | |
| github | bool | |
| linkedIn | bool | |
| microsoft | bool | |
| googlePlay | bool | |
| twitter | bool | |
| yahoo | bool | |
| oauth2 | list of string | Generic OAuth 2.0 |
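
The constraints stated in the tables above (allowed `mode` values, the https rule for `termsOfService` and `privacyPolicy`, the hex `buttonColor`, and the GDPR note on `disableUserDeletion`) can be checked before a spec is applied. The following is an added example, not part of the platform's own tooling; `lint_spec`, `check_link`, the accepted hex forms (`#RGB`/`#RRGGBB`), the case-sensitive `mode` match and the sample spec are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

MODES = {"POPUP", "REDIRECT"}  # values listed for spec.mode (case-sensitive match assumed)
HEX_COLOR = re.compile(r"#(?:[0-9a-fA-F]{3}|[0-9a-fA-F]{6})")  # assumed accepted forms


def check_link(field, value):
    """Return a finding if a termsOfService/privacyPolicy URL breaks the documented rule."""
    parts = urlsplit(value)
    if parts.scheme:
        # Covers http://, javascript:, data: and malformed "https:/path" values
        if parts.scheme.lower() != "https" or not parts.netloc:
            return f"{field}: absolute URL must use the https scheme"
    elif parts.netloc:
        # "//other.example/tos" has no scheme but still points at another host
        return f"{field}: scheme-relative URL is not relative to the hosting domain"
    return None


def lint_spec(spec):
    """Lint a parsed IdentityProvider spec (dict); returns a list of finding strings."""
    findings = []
    mode = spec.get("mode")
    if mode is not None and mode not in MODES:
        findings.append(f"mode: {mode!r} is not 'POPUP' or 'REDIRECT'")
    for field in ("termsOfService", "privacyPolicy"):
        if spec.get(field):
            finding = check_link(field, spec[field])
            if finding:
                findings.append(finding)
    color = spec.get("buttonColor")
    if color is not None and not HEX_COLOR.fullmatch(color):
        findings.append(f"buttonColor: {color!r} is not a hex color code")
    if spec.get("permissions", {}).get("disableUserDeletion"):
        findings.append("permissions.disableUserDeletion: true prevents GDPR compliance")
    return findings


# Constructed sample spec, not taken from the page
SAMPLE = {
    "displayName": "Example Login",
    "mode": "popup",
    "termsOfService": "http://example.com/tos",
    "privacyPolicy": "/privacy",
    "buttonColor": "blue",
    "permissions": {"disableUserSignup": False, "disableUserDeletion": True},
}

if __name__ == "__main__":
    for line in lint_spec(SAMPLE):
        print(line)
```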