diff --git a/docs/runtime_suite_applications/secure-api-gateway/10_overview.md b/docs/runtime_suite_applications/secure-api-gateway/10_overview.md index b722e155ac..43d42ed44f 100644 --- a/docs/runtime_suite_applications/secure-api-gateway/10_overview.md +++ b/docs/runtime_suite_applications/secure-api-gateway/10_overview.md @@ -1,6 +1,6 @@ --- id: overview -title: Overview +title: Introduction sidebar_label: Overview --- 
@@ -10,15 +10,44 @@ DO NOT MODIFY IT BY HAND. Instead, modify the source file and run the aggregator to regenerate this file. --> -This application allows you to setup all the microservices and endpoints to enable front-end authorization with Auth0. +The **Secure Api Gateway** is an application that allow you to set up all the microservices and enpoints to enable an authorization flow using Auth0 or other external IDP. +The application contains the following **microservices**: + +- `Authorization Service` +- `API Gateway` +- `Auth0 Client` +- `OAuth Login Site` + +Moreover the application adds the following **endpoints**: + +- `/web-loging` +- `/authorize` +- `/oauth/token` +- `/user-info` +- `/logout` + +and the following **public variables**: + +- `AUTH0_NAMESPACE` +- `AUTH0_CALLBACK_URL` + +To have a deeper understandin on how to use the **Secure API Gateway** application to secure a [Microfrontend Composer] application with Auth0 as external provider check our [detailed tutorial](../../microfrontend-composer/tutorials/auth0-integration). + +To have an overview on how to use the **Secure API Gateway** application to secure an application in a scenario where you still have an external Identity Provider (IdP) but the token used by the client is produced within your project so that you can manage the user groups within your project using a dedicated CRUD collection read the [dedicated tutorial](../../microfrontend-composer/tutorials/auth0-integration). + +# Components Overview ## Authorization Service -The [authorization-service](../../runtime_suite/authorization-service/overview) is added (if it does not already exist) in order to manage the [authorization flow](../../console/project-configuration/authorization-flow). It is created with a standard configuration, with `USERINFO_URL` pointing to the `auth0-client` service. +The [authorization-service](../../runtime_suite/authorization-service/overview) is added by the application if it does not already exist. 
+The **authorizatin-service** is used to manage the [authorization flow](../../console/project-configuration/authorization-flow). It is created with a standard configuration, with `USERINFO_URL` pointing to the `auth0-client` service. + +To have a complete overview of all the possible configurations for the **authorization-service** read the [dedicated documentation page](../../runtime_suite/authorization-service/configuration). ## API Gateway The API Gateway is the microservice responsible for: + - routing requests to the correct service inside Kubernetes; - verify the need of authentication and orchestrate the conversation with Auth service. @@ -28,22 +57,22 @@ For further details you can refers to the [dedicated documentation](../../runtim This microservice will be responsible for the authentication part of the process, allowing the user to insert his/her credentials and proceed with the login process. -### Endpoints +With the _oauth-login-site_ microservice the following endpoints are added to your project: - `/web-login` ## Auth0 Client -The [auth0-client](../../runtime_suite/auth0-client/overview) is added (if it does not already exist) in order to handle authentication and user management using Auth0 as identity provider. +The [auth0-client](../../runtime_suite/auth0-client/overview_and_usage) is added if it does not already exist in order to handle authentication and user management using Auth0 as identity provider. -### Endpoints +With the _oauth-client_ microservice the following endpoints are added to your project: - `/authorize` - `/oauth/token` - `/userinfo` - `/logout` -### Public Variables +## Public Variables - `AUTH0_NAMESPACE`: name of the namespace of Auth0 tenant, - `AUTH0_CALLBACK_URL`: a URL to which Auth0 redirects the user at the end of the authentication process. Its value should be `https://{{HOST}}/web-login/callback`. 
diff --git a/docs/runtime_suite_applications/secure-api-gateway/20_configuration.md b/docs/runtime_suite_applications/secure-api-gateway/20_configuration.md index 2ca8bfb95e..34ba5a8ffe 100644 --- a/docs/runtime_suite_applications/secure-api-gateway/20_configuration.md +++ b/docs/runtime_suite_applications/secure-api-gateway/20_configuration.md @@ -199,5 +199,5 @@ Set the value for the following environment variables, used by the Auth0 client For further configuration on microservices included in the application you can refer to the dedicated documentation: - [Authorization Service](../../runtime_suite/authorization-service/configuration) -- [Oauth Login Site](../../runtime_suite_applications/dev_portal/authentication_configuration#configure-login-site) +- [Oauth Login Site](../dev_portal/authentication_configuration#configure-login-site) - [Auth0 Client](../../runtime_suite/auth0-client/configuration)
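Review bot: In the front-matter hunk of `10_overview.md` (`@@ -1,6 +1,6 @@`), `title` becomes `Introduction` while `id: overview` and `sidebar_label: Overview` are left unchanged, so the sidebar entry and the page heading will now show different names for the same page. Either keep `title: Overview` or change `sidebar_label` to match, unless the mismatch is intended, in which case the commit message should say so.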
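Review bot: In the `@@ -10,15 +10,44 @@` hunk of `10_overview.md`, the new endpoint summary lists `/web-loging` and `/user-info`, but the component sections further down the same file document `/web-login` and `/userinfo`. Anyone copying paths from the summary into routing or authorization rules will reference endpoints that the application does not add, so the summary should use the exact paths from the component sections. Three further points in the same hunk. The context lines carry the banner "DO NOT MODIFY IT BY HAND. Instead, modify the source file and run the aggregator to regenerate this file", so these edits should be made in the source file, otherwise the next regeneration will drop them. Both new tutorial paragraphs link to `../../microfrontend-composer/tutorials/auth0-integration`, although the second one describes a different scenario (token produced within the project), and `[Microfrontend Composer]` has no link target. Finally there are typos in the added lines ("allow you", "enpoints", "understandin", "authorizatin-service"), and `# Components Overview` introduces a level-1 heading in a page whose title already comes from the front matter; `##` with the component sections demoted to `###`, or no wrapper heading at all, would keep the outline consistent.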
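Review bot: In the `@@ -28,22 +57,22 @@` hunk of `10_overview.md`, the new sentence under "Auth0 Client" reads "With the _oauth-client_ microservice the following endpoints are added", but every other reference in the file names the service `auth0-client`; use `auth0-client` here so readers do not look for a service that is not listed among the application's microservices. The link target also changes from `auth0-client/overview` to `auth0-client/overview_and_usage` with nothing in the patch showing that the page was renamed, so please confirm the new path resolves. With `## Public Variables` promoted to a top-level section, note that the `AUTH0_NAMESPACE` and `AUTH0_CALLBACK_URL` entries are now listed twice in the page (once in the introduction, once here); keeping the descriptions in one place and linking to it from the other avoids the two lists drifting apart.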
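Review bot: In the `@@ -199,5 +199,5 @@` hunk of `20_configuration.md`, the shortened link `../dev_portal/authentication_configuration#configure-login-site` resolves to the same location as the old `../../runtime_suite_applications/dev_portal/...` path, but the two neighbouring entries still use the `../../runtime_suite/...` form, so the list now mixes two relative-path styles. That is fine if the goal is the shortest valid path; if so, say that in the commit message. The link text "Oauth Login Site" also differs in casing from the `OAuth Login Site` name used in `10_overview.md`, and this line is being touched anyway.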