Orion101
  • Overview
  • Mission and Vision
  • Philosophy
  • Orion101 Agents
  • Orion101 Framework
    • Agents
    • Threads
    • Tools
    • Users
    • OAuth Apps
    • Workflows
    • Models
  • Configuration Options
    • General
    • Model Providers
    • Auth Providers
    • Workspace Provider
Powered by GitBook
On this page
  1. Configuration Options

Auth Providers

Authentication providers in Orion101 allow you to authenticate users with the identity provider of your choice. These providers are configured using environment variables, providing a secure and flexible way to manage access to your Orion101 installation.

Common Environment Variables

The following environment variables are required for all authentication providers. Setting the Client ID and Client Secret enables the chosen provider. Configuration details will be validated at system startup.

  • ORION101_AUTH_CLIENT_ID: The client ID for the authentication provider.

  • ORION101_AUTH_CLIENT_SECRET: The client secret for the authentication provider.

  • ORION101_AUTH_COOKIE_SECRET: A secret used to encrypt the authentication cookie. This must be 16, 24, or 32 bytes in length.

  • ORION101_AUTH_ADMIN_EMAILS: A comma-separated list of email addresses for admin users.

Optional Environment Variables:

  • ORION101_AUTH_EMAIL_DOMAINS: A comma-separated list of email domains permitted for authentication. If not set, all domains are allowed.

  • ORION101_AUTH_CONFIG_TYPE: The type of authentication provider, such as google or github. Defaults to google if not specified.

Google Authentication

Google is the default authentication provider for Orion101. No additional environment variables are required for enabling Google authentication, making it a straightforward choice for many deployments.

GitHub Authentication

GitHub authentication allows additional customization through the following optional environment variables:

  • ORION101_AUTH_GITHUB_ORG: Restricts authentication to members of a specified GitHub organization. If not set, all users with valid credentials can log in.

  • ORION101_AUTH_GITHUB_TEAM: Limits authentication to members of a specific GitHub team. Ignored if not set.

  • ORION101_AUTH_GITHUB_REPO: Restricts authentication to collaborators of a specific repository, formatted as orgname/repo. Ignored if not set.

  • ORION101_AUTH_GITHUB_TOKEN: A token used to verify repository collaborators. This token must have push access to the repository.

  • ORION101_AUTH_GITHUB_ALLOW_USERS: A comma-separated list of GitHub users allowed to log in, even if they do not belong to the specified organization or team.

PreviousModel ProvidersNextWorkspace Provider

Last updated 4 months ago