How to register Janitor as a Mozilla Auth0 app?


(Jan) #1

Hello! Thanks for all the great work on Auth0, it makes singing in as a MoCo employee very convenient. :+1:

I work on https://janitor.technology/ and we’d like to add MoCo-specific resources to our service (i.e. AWS container hosting + Azure Windows VM hosting, paid for by Mozilla for its employees working on Firefox and Servo).

Janitor already has a few OAuth2 integrations (GitHub and Bugzilla, both WIP) which can be enabled in your Janitor settings (but we’d also like to eventually offer “Sign in with GitHub/Bugzilla” buttons on the login page).

So we’d like to add a MoCo Auth0 integration, allowing MoCo employees to sign in with it and access MoCo-specific resources.

Could you please point us in the right direction? Specifically, we’d like to know:

  • How to register https://janitor.technology/ as a MoCo Auth0 app (i.e. “Relying Party”?), in exchange for a client_id and client_secret?
  • Is the usual OAuth2 web flow supported, i.e. link user to an authorization URL like https://auth.mozilla.auth0.com/login/oauth/authorize (with params client_id, redirect_uri, scope and state), and then eventually they’re redirected to a URL like https://janitor.technology/login/moco-auth0/ (with params accessToken and refreshToken)?
  • Does OpenID Connect change many things to the usual OAuth2 web flow?

(Henrik Mitsch) #2

Hi @janx,

thank you for reaching out!

Can you please file a ServiceNow request:

The IAM Team will then follow-up. It will most likely be @jabba and @kang.
Best regards,
Henrik


(Jan) #3

Ah, I should have guess that the answer is always “please file a ServiceNow request” (my fault for not checking first).

I’ll do that, thanks a lot! :smile:


(kang) #4

Hi,

Note that if you want some tech details we have an accompanying document at https://mana.mozilla.org/wiki/display/SECURITY/SSO+Request+Form as well