Added Authentik! Still working on Microsoft Entra ID

2025-09-18 17:00:38 -05:00
parent 8677bee1a9
commit 3092ada03a
8 changed files with 77 additions and 23 deletions
--- a/packages/backend/convex/auth.ts
+++ b/packages/backend/convex/auth.ts
@@ -9,9 +9,28 @@ import { api } from './_generated/api';
 import { type Id } from './_generated/dataModel';
 import { action, mutation, query } from './_generated/server';
 import Password from './CustomPassword';
+import Authentik from '@auth/core/providers/authentik';
+import MicrosoftEntraID from '@auth/core/providers/microsoft-entra-id'

 export const { auth, signIn, signOut, store, isAuthenticated } = convexAuth({
-  providers: [Password],
+  providers: [
+    Password,
+    Authentik,
+    MicrosoftEntraID({
+      clientId: process.env.AUTH_MICROSOFT_ENTRA_ID_ID!,
+      clientSecret: process.env.AUTH_MICROSOFT_ENTRA_ID_SECRET!,
+      // Either a tenant GUID, or "common" / "organizations" / "consumers"
+      issuer: process.env.AUTH_MICROSOFT_ENTRA_ID_ISSUER!,
+      // Optional, but providing an object prevents the undefined read:
+      profilePhotoSize: 48,
+      // Optional: request email + offline refresh
+      authorization: {
+        params: {
+          scope: 'openid profile email offline_access',
+        },
+      },
+    }),
+  ]
 });

 export const PASSWORD_MIN = 8;