mirror of
https://github.com/twentyhq/twenty.git
synced 2024-11-26 13:42:44 +03:00
0f0a7966b1
## What it does ### Backend - [x] Add a mutation to create OIDC and SAML configuration - [x] Add a mutation to delete an SSO config - [x] Add a feature flag to toggle SSO - [x] Add a mutation to activate/deactivate an SSO config - [x] Add a mutation to delete an SSO config - [x] Add strategy to use OIDC or SAML - [ ] Improve error management ### Frontend - [x] Add section "security" in settings - [x] Add page to list SSO configurations - [x] Add page and forms to create OIDC or SAML configuration - [x] Add field to "connect with SSO" in the signin/signup process - [x] Trigger auth when a user switch to a workspace with SSO enable - [x] Add an option on the security page to activate/deactivate the global invitation link - [ ] Add new Icons for SSO Identity Providers (okta, Auth0, Azure, Microsoft) --------- Co-authored-by: Félix Malfait <felix@twenty.com> Co-authored-by: Charles Bochet <charles@twenty.com>
80 lines
3.0 KiB
Plaintext
80 lines
3.0 KiB
Plaintext
# Use this for local setup
|
|
PG_DATABASE_URL=postgres://twenty:twenty@localhost:5432/default
|
|
|
|
FRONT_BASE_URL=http://localhost:3001
|
|
|
|
ACCESS_TOKEN_SECRET=replace_me_with_a_random_string_access
|
|
LOGIN_TOKEN_SECRET=replace_me_with_a_random_string_login
|
|
REFRESH_TOKEN_SECRET=replace_me_with_a_random_string_refresh
|
|
FILE_TOKEN_SECRET=replace_me_with_a_random_string_refresh
|
|
SIGN_IN_PREFILLED=true
|
|
REDIS_URL=redis://localhost:6379
|
|
|
|
|
|
# ———————— Optional ————————
|
|
# PORT=3000
|
|
# DEBUG_MODE=true
|
|
# DEBUG_PORT=9000
|
|
# ACCESS_TOKEN_EXPIRES_IN=30m
|
|
# LOGIN_TOKEN_EXPIRES_IN=15m
|
|
# API_TOKEN_EXPIRES_IN=1000y
|
|
# REFRESH_TOKEN_EXPIRES_IN=90d
|
|
# FILE_TOKEN_EXPIRES_IN=1d
|
|
# FRONT_AUTH_CALLBACK_URL=http://localhost:3001/verify
|
|
# MESSAGING_PROVIDER_GMAIL_ENABLED=false
|
|
# CALENDAR_PROVIDER_GOOGLE_ENABLED=false
|
|
# IS_BILLING_ENABLED=false
|
|
# BILLING_PLAN_REQUIRED_LINK=https://twenty.com/stripe-redirection
|
|
# AUTH_PASSWORD_ENABLED=false
|
|
# IS_SIGN_UP_DISABLED=false
|
|
# AUTH_MICROSOFT_ENABLED=false
|
|
# AUTH_MICROSOFT_CLIENT_ID=replace_me_with_azure_client_id
|
|
# AUTH_MICROSOFT_TENANT_ID=replace_me_with_azure_tenant_id
|
|
# AUTH_MICROSOFT_CLIENT_SECRET=replace_me_with_azure_client_secret
|
|
# AUTH_MICROSOFT_CALLBACK_URL=http://localhost:3000/auth/microsoft/redirect
|
|
# AUTH_GOOGLE_ENABLED=false
|
|
# AUTH_GOOGLE_CLIENT_ID=replace_me_with_google_client_id
|
|
# AUTH_GOOGLE_CLIENT_SECRET=replace_me_with_google_client_secret
|
|
# AUTH_GOOGLE_CALLBACK_URL=http://localhost:3000/auth/google/redirect
|
|
# AUTH_GOOGLE_APIS_CALLBACK_URL=http://localhost:3000/auth/google-apis/get-access-token
|
|
# AUTH_SSO_ENABLED=false
|
|
# SERVERLESS_TYPE=local
|
|
# STORAGE_TYPE=local
|
|
# STORAGE_LOCAL_PATH=.local-storage
|
|
# SUPPORT_DRIVER=front
|
|
# SUPPORT_FRONT_HMAC_KEY=replace_me_with_front_chat_verification_secret
|
|
# SUPPORT_FRONT_CHAT_ID=replace_me_with_front_chat_id
|
|
# LOGGER_DRIVER=console
|
|
# LOGGER_IS_BUFFER_ENABLED=true
|
|
# EXCEPTION_HANDLER_DRIVER=sentry
|
|
# SENTRY_ENVIRONMENT=main
|
|
# SENTRY_RELEASE=latest
|
|
# SENTRY_DSN=https://xxx@xxx.ingest.sentry.io/xxx
|
|
# SENTRY_FRONT_DSN=https://xxx@xxx.ingest.sentry.io/xxx
|
|
# LOG_LEVELS=error,warn
|
|
# MESSAGE_QUEUE_TYPE=pg-boss
|
|
# DEMO_WORKSPACE_IDS=REPLACE_ME_WITH_A_RANDOM_UUID
|
|
# SERVER_URL=http://localhost:3000
|
|
# WORKSPACE_INACTIVE_DAYS_BEFORE_NOTIFICATION=30
|
|
# WORKSPACE_INACTIVE_DAYS_BEFORE_DELETION=60
|
|
# Email Server Settings, see this doc for more info: https://docs.twenty.com/start/self-hosting/#email
|
|
# EMAIL_FROM_ADDRESS=contact@yourdomain.com
|
|
# EMAIL_SYSTEM_ADDRESS=system@yourdomain.com
|
|
# EMAIL_FROM_NAME='John from YourDomain'
|
|
# EMAIL_DRIVER=logger
|
|
# EMAIL_SMTP_HOST=
|
|
# EMAIL_SMTP_PORT=
|
|
# EMAIL_SMTP_USER=
|
|
# EMAIL_SMTP_PASSWORD=
|
|
# PASSWORD_RESET_TOKEN_EXPIRES_IN=5m
|
|
# CAPTCHA_DRIVER=
|
|
# CAPTCHA_SITE_KEY=
|
|
# CAPTCHA_SECRET_KEY=
|
|
# API_RATE_LIMITING_TTL=
|
|
# API_RATE_LIMITING_LIMIT=
|
|
# MUTATION_MAXIMUM_AFFECTED_RECORDS=100
|
|
# CHROME_EXTENSION_ID=bggmipldbceihilonnbpgoeclgbkblkp
|
|
# PG_SSL_ALLOW_SELF_SIGNED=true
|
|
# SESSION_STORE_SECRET=replace_me_with_a_random_string_session
|
|
# ENTERPRISE_KEY=replace_me_with_a_valid_enterprise_key
|