mirror of
https://github.com/netbirdio/docs.git
synced 2026-04-16 15:36:36 +00:00
Add Zitadel SSO docs (#691)
This commit is contained in:
Bethuel Mmbaga
@@ -76,6 +76,12 @@ to integrate with NetBird. Below are the steps to set up different OIDC-complian
|
||||
|
||||
<Button href="/manage/team/single-sign-on/duo-security" variant="outline">Setup Duo Security</Button>
|
||||
|
||||
### Zitadel
|
||||
|
||||
[Zitadel](https://zitadel.com/) is an open-source, API-first identity infrastructure platform built with multi-tenancy at its core. It provides single sign-on, passwordless authentication, role-based access control, and supports OpenID Connect, OAuth 2.0, and SAML.
|
||||
|
||||
<Button href="/manage/team/single-sign-on/zitadel" variant="outline">Setup Zitadel</Button>
|
||||
|
||||
### cidaas
|
||||
|
||||
[cidaas](https://www.cidaas.com/) is a cloud-native Identity and Access Management platform that supports OpenID Connect, OAuth 2.0, and SAML 2.0. It provides single sign-on, multi-factor authentication, user self-service, and fine-grained authorization.
|
||||
|
||||
85
src/pages/manage/team/single-sign-on/zitadel.mdx
Normal file
85
src/pages/manage/team/single-sign-on/zitadel.mdx
Normal file
@@ -0,0 +1,85 @@
|
||||
import {Note} from "@/components/mdx";
|
||||
|
||||
# Zitadel on NetBird Cloud
|
||||
|
||||
You can use Zitadel as your Identity Provider with NetBird, but it will require some additional configuration steps. Zitadel is an open-source, API-first identity infrastructure platform built with multi-tenancy at its core. It provides single sign-on, passwordless authentication, role-based access control, and supports OpenID Connect, OAuth 2.0, and SAML.
|
||||
|
||||
<Note>
|
||||
Support for OIDC-compliant IdPs is available on the Team plan and higher.
|
||||
The Free plan supports Google, Microsoft, and social logins.
|
||||
</Note>
|
||||
|
||||
## Step 1: Create a New Project
|
||||
|
||||
Log in to your Zitadel console at `https://<your-instance>.zitadel.cloud`. Navigate to **Projects** and click **+ Create New Project**. Enter `NetBird` as the project name and click **Continue**.
|
||||
|
||||
<p>
|
||||
<img src="/docs-static/img/manage/team/single-sign-on/zitadel-idp/create-project.png" alt="zitadel-create-project" className="imagewrapper-big"/>
|
||||
</p>
|
||||
|
||||
You should see the project dashboard once the project is created.
|
||||
|
||||
<p>
|
||||
<img src="/docs-static/img/manage/team/single-sign-on/zitadel-idp/project-created.png" alt="zitadel-project-created" className="imagewrapper-big"/>
|
||||
</p>
|
||||
|
||||
## Step 2: Create a New Application
|
||||
|
||||
Inside your project, click **+ New** to create a new application. Configure the following:
|
||||
- **Name**: `NetBird`
|
||||
- **Type**: `Web`
|
||||
|
||||
<p>
|
||||
<img src="/docs-static/img/manage/team/single-sign-on/zitadel-idp/create-application.png" alt="zitadel-create-application" className="imagewrapper-big"/>
|
||||
</p>
|
||||
|
||||
Click **Continue**.
|
||||
|
||||
## Step 3: Configure Authentication Method
|
||||
|
||||
Select **Code** as the authentication method. This enables the Authorization Code flow with a client secret.
|
||||
|
||||
<p>
|
||||
<img src="/docs-static/img/manage/team/single-sign-on/zitadel-idp/authentication-method.png" alt="zitadel-authentication-method" className="imagewrapper-big"/>
|
||||
</p>
|
||||
|
||||
Click **Continue**.
|
||||
|
||||
## Step 4: Configure Redirect URIs
|
||||
|
||||
Set the following redirect settings:
|
||||
- **Redirect URIs**: `https://login.netbird.io/login/callback`
|
||||
- **Post Logout URIs**: `https://app.netbird.io`
|
||||
|
||||
<p>
|
||||
<img src="/docs-static/img/manage/team/single-sign-on/zitadel-idp/redirect-uris.png" alt="zitadel-redirect-uris" className="imagewrapper-big"/>
|
||||
</p>
|
||||
|
||||
Click **Continue** to proceed to the review stage. Verify your application settings and click **Create**.
|
||||
|
||||
<p>
|
||||
<img src="/docs-static/img/manage/team/single-sign-on/zitadel-idp/review-application.png" alt="zitadel-review-application" className="imagewrapper-big"/>
|
||||
</p>
|
||||
|
||||
## Step 5: Copy the Client Credentials
|
||||
|
||||
After creation, Zitadel displays the **Client ID** and **Client Secret**. Copy and store these securely — the Client Secret is only shown once.
|
||||
|
||||
<p>
|
||||
<img src="/docs-static/img/manage/team/single-sign-on/zitadel-idp/client-credentials.png" alt="zitadel-client-credentials" className="imagewrapper-big"/>
|
||||
</p>
|
||||
|
||||
## Step 6: Share Configuration with NetBird
|
||||
|
||||
Send the following information to the NetBird support team at support@netbird.io:
|
||||
|
||||
- **Client ID**
|
||||
- **Client Secret**
|
||||
- **Zitadel Instance URL** (`https://<your-instance>.zitadel.cloud`)
|
||||
- **Email domains for your users**
|
||||
|
||||
<Note>
|
||||
We recommend using a secure channel to share the Client Secret. You can send a separate email and use a secret sharing service like: <br/>
|
||||
- https://onetimesecret.com/en/ <br/>
|
||||
- https://password.link/en <br/>
|
||||
</Note>
|
||||
Reference in New Issue
Block a user