Skip to content

NetBox-Docker Okta & Google SSO Environment Additions #1475

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: develop
Choose a base branch
from
Open

NetBox-Docker Okta & Google SSO Environment Additions #1475

wants to merge 3 commits into from

Conversation

@skyefugate
Copy link

@skyefugate skyefugate commented Jul 3, 2025
edited
Loading

Related Issue: #1139

New Behavior

Adds native support for SSO configuration through environment variables and Docker secrets for OKTA OpenID Connect and Google OAuth2 providers. Users can now configure SSO authentication without needing to modify the configuration.py file directly.

Contrast to Current Behavior

Previously, users had to manually edit the configuration.py file to add SSO provider configurations. Now, SSO can be configured using standard environment variables and Docker secrets, following the same patterns used for other NetBox configuration options like database and Redis settings.

Discussion: Benefits and Drawbacks

Benefits:

Drawbacks:

  • Adds more environment variables to manage
  • Only covers two common SSO providers (though more can be added following the same pattern)

Backwards Compatibility:

  • Fully backwards compatible - existing configurations continue to work unchanged
  • New variables are optional and default to empty/None values

Changes to the Wiki

The Wiki should be updated to document the new SSO environment variables:

Suggested Wiki additions:

  • Add section on SSO configuration using environment variables
  • Document the new OKTA and Google OAuth2 variables
  • Provide examples of using Docker secrets for SSO credentials
  • Reference the updated env/netbox.env and docker-compose.override.yml.example files

Proposed Release Note Entry

Added SSO environment variable support: OKTA OpenID Connect and Google OAuth2 can now be configured using environment variables and Docker secrets without modifying configuration.py. New variables: SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY/SECRET/API_URL and SOCIAL_AUTH_GOOGLE_OAUTH2_KEY/SECRET. Secrets support Docker secrets named okta_openidconnect_secret and google_oauth2_secret.

Double Check

  • I have read the comments and followed the PR template.
  • I have explained my PR according to the information in the comments.
  • My PR targets the develop branch.

tobiasge and others added 3 commits May 5, 2025 07:51
@tobiasge
Merge pull request netbox-community#1450 from netbox-community/develop
477decd 
Version 3.3.0
@skyefugate
feat: add SSO environment variable support for OKTA and Google OAuth2
eaad696 
Add native support for SSO configuration through environment variables
and Docker secrets, eliminating the need to modify configuration.py
for common SSO providers.

Changes:
- Add OKTA OpenID Connect configuration variables:
  - SOCIAL_AUTH_OKTA_OPENIDCONNECT_KEY (env var)
  - SOCIAL_AUTH_OKTA_OPENIDCONNECT_SECRET (env var + Docker secret: okta_openidconnect_secret)
  - SOCIAL_AUTH_OKTA_OPENIDCONNECT_API_URL (env var)

- Add Google OAuth2 configuration variables:
  - SOCIAL_AUTH_GOOGLE_OAUTH2_KEY (env var)
  - SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET (env var + Docker secret: google_oauth2_secret)

Follows existing patterns with _read_secret() for sensitive data and
environ.get() for non-sensitive configuration.

Resolves: netbox-community#1139
@skyefugate
Secrets example
39d2b72
@skyefugate skyefugate mentioned this pull request Jul 3, 2025
Open
@skyefugate skyefugate changed the title Netbox docker okta NetBox-Docker Okta & Google SSO Environment Additions Jul 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@skyefugate @tobiasge