Dex provides a range of configurable options that empower you to fine-tune and personalize various aspects of the authentication and user flow.
Customize OAuth2 settings to align with your authentication requirements.

```yaml
oauth2:
  responseTypes: [ "code" ]
  skipApprovalScreen: true
  alwaysShowLoginScreen: false
```

`responseTypes` - allows you to configure the desired auth flow (Authorization Code Flow, Implicit Flow, or Hybrid Flow) based on different values. See the table below for valid configuration options.

responseTypes value | flow |
---|---|
code | Authorization Code Flow |
id_token | Implicit Flow |
id_token token | Implicit Flow |
code id_token | Hybrid Flow |
code token | Hybrid Flow |
code id_token token | Hybrid Flow |

Examples of the different flows and their behavior can be found in the official openid spec.
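
As an added example (not part of the Dex documentation or code base), the following applies the table above to `response_type` values taken from authorization request URLs and reports any request whose flow falls outside a policy that permits only the Authorization Code Flow. The sample URLs, the `/dex/auth` path, the client id and the function names are constructed for illustration, and comparing the values without regard to order is a choice made by this example.

```python
from urllib.parse import urlsplit, parse_qs

# Flow table from the page, keyed by the set of space-separated values.
FLOWS = {
    frozenset({"code"}): "Authorization Code Flow",
    frozenset({"id_token"}): "Implicit Flow",
    frozenset({"id_token", "token"}): "Implicit Flow",
    frozenset({"code", "id_token"}): "Hybrid Flow",
    frozenset({"code", "token"}): "Hybrid Flow",
    frozenset({"code", "id_token", "token"}): "Hybrid Flow",
}

# Constructed sample authorization requests (hypothetical host and client).
BASE = "https://dex.example.com/dex/auth?client_id=example-app&scope=openid"
SAMPLE_REQUESTS = [
    BASE + "&response_type=code",
    BASE + "&response_type=id_token+token",
    BASE + "&response_type=token+code",   # same set as "code token"
    BASE + "&response_type=token",        # not a row in the table
]


def classify(response_type):
    """Return the flow name for a response_type value, or None if unlisted."""
    parts = response_type.split()
    if len(parts) != len(set(parts)):
        return None  # a repeated value such as "code code"
    return FLOWS.get(frozenset(parts))


def review_request(url, allowed_flows=("Authorization Code Flow",)):
    """Return (flow, finding); finding is None when the request fits policy."""
    values = parse_qs(urlsplit(url).query).get("response_type", [])
    if len(values) != 1:
        return None, "response_type missing or repeated"
    flow = classify(values[0])
    if flow is None:
        return None, f"response_type {values[0]!r} is not in the table"
    if flow not in allowed_flows:
        return flow, f"{flow} is outside the allowed flows"
    return flow, None


if __name__ == "__main__":
    for url in SAMPLE_REQUESTS:
        flow, finding = review_request(url)
        print(f"{flow or 'unknown'} | {finding or 'ok'}")
```
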

Customizing the user flow allows you to influence how users log in to your application.

`skipApprovalScreen` - controls the need for user approval before sharing data with connected applications. If enabled, users must approve data sharing with every auth flow.

`approval_prompt=force` parameter. In this case, the approval screen is always shown.

`alwaysShowLoginScreen` - whether to always display the login screen. If only one authentication method is enabled, the default behavior is to go directly to it. For connected IdPs, this redirects the browser away from the application to the upstream provider, such as the Google login page.

Password grants involve clients directly sending a user’s credentials (`username` and `password`) to the authorization server (dex), acquiring access tokens without the need for an intermediate authorization step.

```yaml
oauth2:
  passwordConnector: local
```

`passwordConnector` - specifies the connector’s id that is used for password grants