diff options
| author | feld <feld@feld.me> | 2021-02-02 18:35:08 +0000 |
|---|---|---|
| committer | feld <feld@feld.me> | 2021-02-02 18:35:08 +0000 |
| commit | f1f773f2c76b877f372767963a35c8e827f8d6e6 (patch) | |
| tree | f2ed7d6f2681af143a9d78e575209240206582f3 /docs | |
| parent | d37d4106c627e0d3a06765c5b46da40cb8ac41fe (diff) | |
| parent | 92efdf9adc5d061e0bb008d75dae67b1ae80b834 (diff) | |
Merge branch 'email-stub-in-verify-credentials' into 'develop'
Email-like field in /api/v1/accounts/verify_credentials (for PeerTube OAuth plugin and alike)
See merge request pleroma/pleroma!3286
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/configuration/auth.md | 1 | ||||
| -rw-r--r-- | docs/configuration/cheatsheet.md | 24 |
2 files changed, 17 insertions, 8 deletions
diff --git a/docs/configuration/auth.md b/docs/configuration/auth.md new file mode 100644 index 000000000..c80f094e7 --- /dev/null +++ b/docs/configuration/auth.md @@ -0,0 +1 @@ +See `Authentication` section of [the configuration cheatsheet](../configuration/cheatsheet.md#authentication). diff --git a/docs/configuration/cheatsheet.md b/docs/configuration/cheatsheet.md index 9d4b07bf4..ad5768465 100644 --- a/docs/configuration/cheatsheet.md +++ b/docs/configuration/cheatsheet.md @@ -893,6 +893,22 @@ Pleroma account will be created with the same name as the LDAP user name. Note, if your LDAP server is an Active Directory server the correct value is commonly `uid: "cn"`, but if you use an OpenLDAP server the value may be `uid: "uid"`. +### :oauth2 (Pleroma as OAuth 2.0 provider settings) + +OAuth 2.0 provider settings: + +* `token_expires_in` - The lifetime in seconds of the access token. +* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. +* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. + +OAuth 2.0 provider and related endpoints: + +* `POST /api/v1/apps` creates client app basing on provided params. +* `GET/POST /oauth/authorize` renders/submits authorization form. +* `POST /oauth/token` creates/renews OAuth token. +* `POST /oauth/revoke` revokes provided OAuth token. +* `GET /api/v1/accounts/verify_credentials` (with proper `Authorization` header or `access_token` URI param) returns user info on requester (with `acct` field containing local nickname and `fqn` field containing fully-qualified nickname which could generally be used as email stub for OAuth software that demands email field in identity endpoint response, like Peertube). + ### OAuth consumer mode OAuth consumer mode allows sign in / sign up via external OAuth providers (e.g. Twitter, Facebook, Google, Microsoft, etc.). @@ -965,14 +981,6 @@ config :ueberauth, Ueberauth, ] ``` -### OAuth 2.0 provider - :oauth2 - -Configure OAuth 2 provider capabilities: - -* `token_expires_in` - The lifetime in seconds of the access token. -* `issue_new_refresh_token` - Keeps old refresh token or generate new refresh token when to obtain an access token. -* `clean_expired_tokens` - Enable a background job to clean expired oauth tokens. Defaults to `false`. - ## Link parsing ### :uri_schemes |