Skip to content

Commit 514064e

Browse files
evelinadanielssonevelinadanielsson
committed
added oidc credential forwarding not enabled notification
1 parent 0d4d229 commit 514064e

File tree

1 file changed

+63
-0
lines changed

1 file changed

+63
-0
lines changed

modules/ROOT/pages/notifications/all-notifications.adoc

Lines changed: 63 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3649,6 +3649,69 @@ m|SECURITY
36493649
m|WARNING
36503650
|===
36513651

3652+
[#_neo_clientnotification_security_oidccredentialforwardingnotenabled]
3653+
=== OIDC credential forwarding is not enabled
3654+
3655+
.Notification details
3656+
[cols="<1s,<4"]
3657+
|===
3658+
|Neo4j code
3659+
m|Neo.ClientNotification.Security.OidcCredentialForwardingNotEnabled
3660+
|Title
3661+
a|OIDC credential forwarding is not enabled.
3662+
|Description
3663+
a|Use setting 'dbms.security.allow_oidc_credential_forwarding_enabled' to enable OIDC credential forwarding.
3664+
|Category
3665+
m|SECURITY
3666+
|GQLSTATUS code
3667+
m|01N74
3668+
|Status description
3669+
|warn: OIDC credential forwarding disabled.
3670+
Use the setting `dbms.security.allow_oidc_credential_forwarding_enabled` to enable OIDC credential forwarding.
3671+
|Classification
3672+
m|SECURITY
3673+
|SeverityLevel
3674+
m|WARNING
3675+
|===
3676+
3677+
.Create a remote database alias with remote credentials set to OIDC credential forwarding when OIDC credential forwarding is not enabled.
3678+
[.tabbed-example]
3679+
=====
3680+
[.include-with-GQLSTATUS-code]
3681+
======
3682+
Command::
3683+
+
3684+
[source, cypher]
3685+
----
3686+
CREATE ALIAS `remote-neo4j` FOR DATABASE `neo4j` AT "neo4j+s://location:7687" OIDC CREDENTIAL FORWARDING
3687+
----
3688+
3689+
Returned GQLSTATUS code::
3690+
01N74
3691+
3692+
Returned status description::
3693+
warn: OIDC credential forwarding disabled.
3694+
Use the setting 'dbms.security.allow_oidc_credential_forwarding_enabled' to enable OIDC credential forwarding.
3695+
3696+
Suggestions for improvement::
3697+
Enable OIDC credential forwarding through the `dbms.security.allow_oidc_credential_forwarding_enabled` setting.
3698+
Until enabled, the new remote database alias will fail all access attempts.
3699+
3700+
======
3701+
[.include-with-neo4j-code]
3702+
======
3703+
Command::
3704+
+
3705+
[source, cypher]
3706+
----
3707+
CREATE ALIAS `remote-neo4j` FOR DATABASE `neo4j` AT "neo4j+s://location:7687" OIDC CREDENTIAL FORWARDING
3708+
----
3709+
3710+
Suggestions for improvement::
3711+
Enable OIDC credential forwarding through the `dbms.security.allow_oidc_credential_forwarding_enabled` setting.
3712+
Until enabled, all access attempts to the new remote database alias will fail.
3713+
======
3714+
=====
36523715

36533716
[#_neo_clientnotification_security_shardedperformance]
36543717
=== Sharded privilege performance

0 commit comments

Comments
 (0)