Using OAuth2.0 for authentication

Apidog supports OAuth2.0 (compatible with OIDC) integration and can be configured through Docker environment variables as follows:

Please be aware that environment variable values are case-sensitive. The required Redirect URI for your OAuth2 provider configuration is {BASE_URL}/passport/oauth2/callback. Please replace the {BASE_URL} placeholder with the value defined in your container's environment variable.

Environment Variable Name	Meaning	Default Value	Others
OAUTH2_ENABLE	Whether to enable OAuth2.0 login service		Set to true to enable, or leave blank or unset to disable
OAUTH2_AUTH_URL	OAuth2.0 application login authorization link		Required when enabling OAuth2.0 service
OAUTH2_ACCESS_TOKEN_URL	OAuth2.0 application link to exchange AccessToken		Required when enabling OAuth2.0 service
OAUTH2_USER_INFO_URL	URL to exchange personal information based on access token		Required when enabling OAuth2.0 service
OAUTH2_CLIENT_ID	OAuth2.0 application ID		Required when enabling OAuth2.0 service
OAUTH2_CLIENT_SECRET	OAuth2.0 application access Secret		Required when enabling OAuth2.0 service
OAUTH2_SCOPE	Scope	email,profile,openid	Configuration is typically required as described in the provider's documentation. The default value is compatible with Azure AD and Okta.
OAUTH2_USER_ID_ATTR	Default is 'id', used as the unique id for OAuth2.0 user attributes	id	Optional
OAUTH2_USER_EMAIL_ATTR	Email field	email	Optional
OAUTH2_USER_NAME_ATTR	Name field	name	Optional
OAUTH2_USER_AVATAR_ATTR	Avatar field	avatar	Optional
OAUTH2_LOGIN_TITLE	Control the button text which was showed on client Login page	Continue with OAuth 2.0	Optional

Configuration Example

For Microsoft Entra ID (formerly Azure Active Directory) OIDC

- name: OAUTH2_ENABLE
  value: 'true'
- name: OAUTH2_AUTH_URL
  value: >-
    https://login.microsoftonline.com/example-....-example/oauth2/v2.0/authorize
- name: OAUTH2_ACCESS_TOKEN_URL
  value: >-
    https://login.microsoftonline.com/example-....-example/oauth2/v2.0/token
- name: OAUTH2_CLIENT_ID
  value: <client-id>
- name: OAUTH2_CLIENT_SECRET
  value: <client-secret>
- name: OAUTH2_LOGIN_TITLE
  value: Continue with Azure AD
- name: OAUTH2_USER_INFO_URL
  value: https://graph.microsoft.com/oidc/userinfo
- name: OAUTH2_SCOPE
  value: 'sub,email,profile,openid'
- name: OAUTH2_USER_ID_ATTR
  value: sub

Different version of OIDC may require a different scope, for example:

- name: OAUTH2_ENABLE
  value: 'true'
- name: OAUTH2_AUTH_URL
  value: >-
    https://login.microsoftonline.com/example-....-example/oauth2/v2.0/authorize
- name: OAUTH2_ACCESS_TOKEN_URL
  value: >-
    https://login.microsoftonline.com/example-....-example/oauth2/v2.0/token
- name: OAUTH2_CLIENT_ID
  value: <client-id>
- name: OAUTH2_CLIENT_SECRET
  value: <client-secret>
- name: OAUTH2_LOGIN_TITLE
  value: Continue with Azure AD
- name: OAUTH2_USER_INFO_URL
  value: https://graph.microsoft.com/v1.0/me
- name: OAUTH2_SCOPE
  value: 'email,profile,openid,user.read'
- name: OAUTH2_USER_ID_ATTR
  value: id

For other

- name: OAUTH2_ENABLE
  value: 'true'
- name: OAUTH2_AUTH_URL
  value: https://example.com/oauth/auth
- name: OAUTH2_ACCESS_TOKEN_URL
  value: https://example.com/oauth/token
- name: OAUTH2_CLIENT_ID
  value: <client-id>
- name: OAUTH2_CLIENT_SECRET
  value: <client-secret>
- name: OAUTH2_LOGIN_TITLE
  value: Continue with Azure AD
- name: OAUTH2_USER_INFO_URL
  value: https://example.com/oauth/me
- name: OAUTH2_SCOPE
  value: 'email,profile,openid'
- name: OAUTH2_USER_ID_ATTR
  value: id

OAuth 2.0 flow chart:

Using OAuth2.0 for authentication

Configuration Example#

For Microsoft Entra ID (formerly Azure Active Directory) OIDC#

Different version of OIDC may require a different scope, for example:#

For other#

Configuration Example

For Microsoft Entra ID (formerly Azure Active Directory) OIDC

Different version of OIDC may require a different scope, for example:

For other