An Okta authentication boilerplate for Silverstripe
This module adds Okta OAuth2 authentication to your Silverstripe website
⚠️ 🧪 This module is under active development and may include breaking changes.
With this module you can
- Create an OAuth2 client via configuration using bigfork/silverstripe-oauth-login
- Authenticate an Okta user that may or may not be a Silverstripe member, via Okta OAuth
- Link a user to an Okta group
- Optionally disallow/allow the default member authenticator alongside Okta auth
- Create an Okta API client using okta/sdk
- Synchronise users via a queued job (via Okta API)
- Block sign-in for those Okta users who have stopped appearing for a configured time period in synchronisation results
- Optionally remove users who have not synchronised after a certain time.
Use of the Okta API is optional.
- An Okta account
- An Okta OAuth service application configured with scopes granted
- If you require multiple sites authenticating via Okta, a service application per site.
- To work with the Okta API, you will need an Okta API token
Start here for project setup and configuration examples.
composer require nswdpc/silverstripe-okta-boilerplate
After installing the module, run a
dev/build then start with the documentation.
- Private Key authentication mode
We welcome bug reports, pull requests and feature requests on the Github Issue tracker for this project.
Please review the code of conduct prior to opening a new issue.
If you have found a security issue with this module, please email digital[@]dpc.nsw.gov.au in the first instance, detailing your findings.
If you would like to make contributions to the module please ensure you raise a pull request and discuss with the module maintainers.
Please review the code of conduct prior to completing a pull request.