Enable multi-tenancy in your Dittofeed instance.
multi-tenant
“auth mode”, allows you to run multiple Dittofeed workspaces on a single instance of Dittofeed. These workspaces allow you to isolate data for different customers, and can be managed programmatically.
The multi-tenant
auth mode also provides separate workspace member accounts, which can log into Dittofeed using their own credentials and permissions.
The multi-tenant
auth mode is only available in dittofeed-ee, and Dittofeed cloud. See dittofeed-ee for more information on installing dittofeed-ee.
https://manage.auth0.com/dashboard/us/dittofeed/applications/<application-id>/settings
) take the following actions.
Client ID
which will be used as the OPEN_ID_CLIENT_ID
.Client Secret
which will be used as the OPEN_ID_CLIENT_SECRET
.https://<your-dittofeed-instance>/dashboard/oauth2/callback
.Logout URL
of the form https://<your-dittofeed-instance>/dashboard/signout/complete
.Allowed Web Origins
of the form https://<your-dittofeed-instance>
.SECRET_KEY
.
OpenID Connect
settings page.
https://cognito-idp.<your-region>.amazonaws.com/<your-user-pool-id>/.well-known/openid-configuration
https://<your-dittofeed-instance>/dashboard/oauth2/callback
https://<your-dittofeed-instance>/dashboard/signout/complete
https://<your-keycloak-domain>
dittofeed
(or your preferred realm name)OpenID Connect
dittofeed-client
(this will be your OPEN_ID_CLIENT_ID
)ON
OFF
ON
OFF
https://<your-dittofeed-domain>/dashboard/oauth2/callback
https://<your-dittofeed-domain>/dashboard/signout/complete
https://<your-dittofeed-domain>
dittofeed-client
OPEN_ID_CLIENT_SECRET
)AUTH_PROVIDER
environment variable should be set to keycloak
for proper provider identificationOPEN_ID_RETURN_TO_QUERY_PARAM
for Keycloak is post_logout_redirect_uri
.