Skip to content
This repository has been archived by the owner on Nov 1, 2023. It is now read-only.

aserto-dev/aserto-idp-sync

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits

.github/workflows

.github/workflows

 
 

.vscode

.vscode

 
 

api/idpsync/v1

api/idpsync/v1

 
 

cmd/aserto-idp-sync

cmd/aserto-idp-sync

 
 

internal/tools

internal/tools

 
 

pkg

pkg

 
 

.envrc

.envrc

 
 

.gitignore

.gitignore

 
 

.golangci.yaml

.golangci.yaml

 
 

.goreleaser.yml

.goreleaser.yml

 
 

Depfile

Depfile

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

buf.gen.yaml

buf.gen.yaml

 
 

buf.lock

buf.lock

 
 

buf.yaml

buf.yaml

 
 

go.mod

go.mod

 
 

go.sum

go.sum

 
 

mage.go

mage.go

 
 

magefile.go

magefile.go

 
 

Repository files navigation

aserto-idp-sync

Aserto IDP Sync

aserto-idp-sync is a specialized service that enables the blocking synchronization of an IDP user, into the Aserto directory. This capability is especially useful when implementing sign-up flows.

NOTE: Currently, this service only supports synchronizing Auth0 managed users.

The services can be run inside your environment and is explicitly configured for your tenant, using your aserto-tenant-id and an API key to communicate to the Aserto directory.

The Auth0 configuration requires a domain, client-id, and client-secret; similar to how you configure the Auth0 IDP connection inside Aserto, the Auth0 connection used by the service only requires the read:users scope.

Configuration

The service is configured using a yaml based configuration file, passed as a command line arrugment to the service, for example: -c config.yaml or --config config.yaml

config.yaml

---
logging:
  prod: true
  log_level: info

api:
  grpc:
    listen_address: "0.0.0.0:8282"
    connection_timeout_seconds: 10
    certs:
      tls_cert_path: "/home/root/.config/aserto/aserto-idp-sync/certs/grpc.crt"
      tls_key_path: "/home/root/.config/aserto/aserto-idp-sync/certs/grpc.key"
      tls_ca_cert_path: "/home/root/.config/aserto/aserto-idp-sync/certs/grpc-ca.crt"
  gateway:
    listen_address: "0.0.0.0:8383"
    allowed_origins:
    - https://0.0.0.0",
    - https://0.0.0.0:*"
    certs:
      tls_cert_path: "/home/root/.config/aserto/aserto-idp-sync/certs/gateway.crt"
      tls_key_path: "/home/root/.config/aserto/aserto-idp-sync/certs/gateway.key"
      tls_ca_cert_path: "/home/root/.config/aserto/aserto-idp-sync/certs/gateway-ca.crt"
  health:
    listen_address: "0.0.0.0:8484"

idp:
  auth0:
    domain: "<<<redacted>>>.us.auth0.com"
    client_id: "<<<redacted>>>"
    client_secret: "<<<redacted>>>"

directory:
  host_address: "authorizer.prod.aserto.com:8443"
  tenant_id: "<<<redacted>>>"
  directory_api_key: "<<<redacted>>>"
  generate_user_id: false

Running the service

To run the service using a local binary:

aserto-idp-sync run --config config.yaml

To run the service using a Docker container image:

docker run -ti \
--platform=linux/amd64 \
--name aserto-idp-sync \
--rm \
-p 8282:8282 \
-p 8383:8383 \
-p 8484:8484 \
-v $PWD:/cfg \
ghcr.io/aserto-dev/aserto-idp-sync:latest run --config=/cfg/config-dev.yaml

Integration

You can interact with the service via REST or gRPC API calls.

gRPC example using grpcurl

grpcurl -insecure -d '{"email_address": "demo@aserto.com"}' localhost:8282 idpsync.v1.IDPSync.SyncUser

http REST example using curl

curl -k -d '{"email_address": "demo@aserto.com"}' -X POST https://localhost:8383/api/v1/sync/user

About

Aserto IDP Sync

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases 3

aserto-idp-sync v0.0.4 Latest
Nov 12, 2021
+ 2 releases

Packages 1

 

Contributors 4

  •  
  •  
  •  
  •  

Languages