# The base path of dex and the external name of the OpenID Connect service. # This is the canonical URL that all clients MUST use to refer to dex. If a # path is provided, dex's HTTP service will listen at a non-root URL. issuer: http://127.0.0.1:5556/dex # The storage configuration determines where dex stores its state. Supported # options include SQL flavors and Kubernetes third party resources. # # See the storage document at Documentation/storage.md for further information. storage: type: sqlite3 config: file: examples/dex.db # Configuration for the HTTP endpoints. web: http: 0.0.0.0:5556 # Uncomment for HTTPS options. # https: 127.0.0.1:5554 # tlsCert: /etc/dex/tls.crt # tlsKey: /etc/dex/tls.key # Uncomment this block to enable the gRPC API. This values MUST be different # from the HTTP endpoints. # grpc: # addr: 127.0.0.1:5557 # tlsCert: examples/grpc-client/server.crt # tlsKey: examples/grpc-client/server.key # tlsClientCA: /etc/dex/client.crt # Uncomment this block to enable configuration for the expiration time durations. # expiry: # signingKeys: "6h" # idTokens: "24h" # Options for controlling the logger. # logger: # level: "debug" # format: "text" # can also be "json" # Uncomment this block to control which response types dex supports. For example # the following response types enable the implicit flow for web-only clients. # Defaults to ["code"], the code flow. # oauth2: # responseTypes: ["code", "token", "id_token"] # Instead of reading from an external storage, use this list of clients. # # If this option isn't chosen clients may be added through the gRPC API. staticClients: - id: example-app redirectURIs: - 'http://127.0.0.1:5555/callback' name: 'Example App' secret: ZXhhbXBsZS1hcHAtc2VjcmV0 connectors: - type: mockCallback id: mock name: Example # - type: oidc # id: google # name: Google # config: # issuer: https://accounts.google.com # # Connector config values starting with a "$" will read from the environment. # clientID: $GOOGLE_CLIENT_ID # clientSecret: $GOOGLE_CLIENT_SECRET # redirectURI: http://127.0.0.1:5556/dex/callback # hostedDomain: $GOOGLE_HOSTED_DOMAIN # Let dex keep a list of passwords which can be used to login to dex. enablePasswordDB: true # A static list of passwords to login the end user. By identifying here, dex # won't look in its underlying storage for passwords. # # If this option isn't chosen users may be added through the gRPC API. staticPasswords: - email: "admin@example.com" # bcrypt hash of the string "password" hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W" username: "admin" userID: "08a8684b-db88-4b73-90a9-3cd1661f5466"