gousta/payload-plugin-oidc

OIDC plugin for Payload CMS

Features

  • Adds ability to sign in with your own OIDC provider
  • Adds sign in button on login page
  • Supports sign in and optional creation of user

Installation

npm install payload-plugin-oidc
# or
yarn add payload-plugin-oidc

Usage

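// payload.config.ts
import axios from 'axios';
import { buildConfig } from 'payload/config';
import { oidcPlugin } from 'payload-plugin-oidc';
// The two imports below use assumed paths; point them at your own files.
import Users from './collections/Users'; // your auth-enabled users collection
import SignInButton from './components/SignInButton'; // button rendered on the login page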

export default buildConfig({
  serverURL: process.env.SERVER_URL,
  collections: [Users],
  plugins: [
    oidcPlugin({
      clientID: process.env.OIDC_CLIENT_ID,
      clientSecret: process.env.OIDC_CLIENT_SECRET,
      authorizationURL: `${process.env.OIDC_URI}/oidc/auth`,
      tokenURL: `${process.env.OIDC_URI}/oidc/token`,
      initPath: `/oidc/signin`,
      callbackPath: `/oidc/callback`,
      callbackURL: `${process.env.SELF_URL}/oidc/callback`,
      scope: 'openid offline_access profile email custom_data',
      mongoUrl: process.env.DATABASE_URI,
      components: {
        Button: SignInButton, // can be your own custom component
        position: "beforeLogin" // beforeLogin | afterLogin
      },
      userCollection: {
        slug: Users.slug,
        searchKey: 'email',
      },
      registerUserIfNotFound: true,
      async userinfo(accessToken) {
        const { data: user } = await axios.get(`${process.env.OIDC_URI}/oidc/me`, {
          headers: {
            Authorization: `Bearer ${accessToken}`,
          },
        });

        return {
          sub: user.sub,
          name: user.name,
          email: user.email,
          // You can use OIDC user custom data to get the role for this app
          role: user.custom_data?.my_app_role,

          // or you can do something like this
          // role: user.custom_data?.role ? 'admin' : 'editor',
        };
      },
    }),
  ],
});
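
Because users are matched on `email` and can be created on first sign-in, the claims returned by `userinfo` decide both which account is selected and which role it gets. The following is an added example, not code from this plugin: a claim-mapping helper to call from `userinfo`. The names `mapClaims`, `ALLOWED_ROLES` and `DEFAULT_ROLE` are hypothetical, and it assumes the provider returns the standard `email_verified` claim and that an error thrown from `userinfo` aborts the sign-in.

```typescript
// Added example: validate OIDC userinfo claims before handing them to Payload.
// mapClaims, ALLOWED_ROLES and DEFAULT_ROLE are hypothetical names, not plugin API.
type Role = 'admin' | 'editor';

interface OidcClaims {
  sub?: unknown;
  name?: unknown;
  email?: unknown;
  email_verified?: unknown;
  custom_data?: { my_app_role?: unknown } | null;
}

interface MappedUser { sub: string; name: string; email: string; role: Role }

const ALLOWED_ROLES: readonly Role[] = ['admin', 'editor'];
const DEFAULT_ROLE: Role = 'editor'; // least-privileged role in this sample

function mapClaims(claims: OidcClaims): MappedUser {
  const { sub, name, email } = claims;
  if (typeof sub !== 'string' || sub.length === 0) {
    throw new Error('userinfo response has no usable "sub" claim');
  }
  if (typeof email !== 'string' || !email.includes('@')) {
    throw new Error('userinfo response has no usable "email" claim');
  }
  // searchKey is 'email': an unverified address must not select or create an account.
  if (claims.email_verified !== true) {
    throw new Error('email address is not verified by the provider');
  }
  // Accept only roles this app knows; anything else falls back to the default.
  const requested = claims.custom_data?.my_app_role;
  const role = ALLOWED_ROLES.find((r) => r === requested) ?? DEFAULT_ROLE;
  return {
    sub,
    name: typeof name === 'string' && name.length > 0 ? name : email.trim(),
    email: email.trim().toLowerCase(),
    role,
  };
}

// In payload.config.ts, inside userinfo(accessToken):
//   const { data: user } = await axios.get(...);
//   return mapClaims(user);
```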

Contributing

Contributions and feedback are very welcome.

To get it running:

  1. Clone the project.
  2. npm install
  3. npm run build

License

The MIT License (MIT). Please see License File for more information.

About

Add OpenID Connect (OIDC) sign in to your Payload CMS
