From 91081caf9f826fcab8fcd486d85978a8ed3be498 Mon Sep 17 00:00:00 2001 From: mffap Date: Thu, 11 Jan 2024 16:27:37 +0200 Subject: [PATCH] docs: Add reference to Actions for custom claims and custom attributes (#7204) * make clear that yarn generate has to be run first * add reference to custom claims * add reference to custom saml attribute --- docs/README.md | 12 +++++++++++- docs/docs/apis/openidoauth/claims.md | 23 +++++++++++++++++++++++ docs/docs/apis/saml/endpoints.md | 11 ++++++++++- 3 files changed, 44 insertions(+), 2 deletions(-) diff --git a/docs/README.md b/docs/README.md index 89e080a31d..92d3f8f279 100644 --- a/docs/README.md +++ b/docs/README.md @@ -8,11 +8,13 @@ To add a new site to the already existing structure simply save the `md` file in ## Installation +Install dependencies with + ``` yarn install ``` -## Generate +then run ``` yarn generate @@ -21,10 +23,18 @@ yarn generate ## Local Development +Start a local development server with + ``` yarn start ``` +When working on the API docs, run a local development server with + +``` +yarn start:api +``` + ## Container Image If you just want to start docusaurus locally without installing node you can fallback to our container image. diff --git a/docs/docs/apis/openidoauth/claims.md b/docs/docs/apis/openidoauth/claims.md index ad20478187..930f11ae76 100644 --- a/docs/docs/apis/openidoauth/claims.md +++ b/docs/docs/apis/openidoauth/claims.md 
@@ -68,8 +68,31 @@ Please check below the matrix for an overview where which scope is asserted. ## Custom Claims +Custom claims are being inserted into user tokens in addition to the standard claims. +Your app can use custom claims to handle more complex scenarios, such as restricting access based on these claims. + You can add custom claims using the [complement token flow](/docs/apis/actions/complement-token) of the [actions feature](/docs/apis/actions/introduction). +Multiple examples of Actions that result in custom claims can be found in our [Marketplace for ZITADEL Actions](https://github.com/zitadel/actions). + +### Static values as custom claim + +```javascript reference +https://github.com/zitadel/actions/blob/de69b56f6d0463817953b59a52ffd6afc6a366fb/examples/add_claim.js#L9-L11 +``` + +### Metadata as custom claim + +```javascript reference +https://github.com/zitadel/actions/blob/main/examples/add_metadata.js#L9-L15 +``` + +### Format roles claims + +```javascript reference +https://github.com/zitadel/actions/blob/main/examples/custom_roles.js#L20-L33 +``` + ## Reserved Claims ZITADEL reserves some claims to assert certain data. Please check out the [reserved scopes](scopes#reserved-scopes). diff --git a/docs/docs/apis/saml/endpoints.md b/docs/docs/apis/saml/endpoints.md index bb0e765da0..b61586d15f 100644 --- a/docs/docs/apis/saml/endpoints.md +++ b/docs/docs/apis/saml/endpoints.md 
@@ -57,4 +57,13 @@ Regardless of the error, the used http error code will be '200', which represent response will contain a StatusCode include a message which provides more information if an error occurred. **Link to -spec** [Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 – Errata Composite](https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf) \ No newline at end of file +spec** [Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 – Errata Composite](https://www.oasis-open.org/committees/download.php/35711/sstc-saml-core-errata-2.0-wd-06-diff.pdf) + +## Custom attributes + +Custom attributes are being inserted into SAML response if not already present. +Your app can use custom claims to handle more complex scenarios, such as restricting access based on these claims. + +You can add custom attributes using the [complement SAMLresponse](/docs/apis/actions/customize-samlresponse) of the [actions feature](/docs/apis/actions/introduction). + +Examples of Actions that result in custom attributes can be found in our [Marketplace for ZITADEL Actions](https://github.com/zitadel/actions).
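Review bot: In docs/README.md, the `## Generate` heading is replaced by a lowercase "then run", which leaves a sentence fragment split across the `yarn install` code fence and removes the heading anchor for the generate step. The commit message says the goal is to make clear that `yarn generate` has to be run first, but the new text never says before what. Suggest a full sentence stating that `yarn generate` must be run before `yarn start`, and say whether the same applies to the new `yarn start:api` command. Also check that nothing links to the removed `#generate` anchor.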
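Review bot: In docs/docs/apis/openidoauth/claims.md, the three `javascript reference` blocks are inconsistent: `add_claim.js#L9-L11` is pinned to commit de69b56f6d0463817953b59a52ffd6afc6a366fb, while `add_metadata.js#L9-L15` and `custom_roles.js#L20-L33` point at `main`. Line ranges on a moving branch will drift as soon as those files change, and the docs will then embed the wrong lines of the examples that readers copy into token-issuing Actions. Please pin all three to a commit. A smaller wording point: "Custom claims are being inserted into user tokens" reads better as "Custom claims are inserted into user tokens", and since the text suggests restricting access based on these claims, a sentence on where the claim values come from (static value, user metadata, roles) would help readers judge how far to trust them.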
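Review bot: In docs/docs/apis/saml/endpoints.md, the second sentence of the new "Custom attributes" section was carried over from the claims page unchanged: "Your app can use custom claims ... restricting access based on these claims" should refer to custom attributes. In the same section, "complement SAMLresponse" is missing a space, and the link text does not match its target `/docs/apis/actions/customize-samlresponse`, so please use one term for the flow. "Custom attributes are being inserted into SAML response if not already present" would also be clearer if it stated outright that an existing attribute of the same name is not overwritten, since readers who base access decisions on these attributes need to know which value takes precedence.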