# The base path of dex and the external name of the OpenID Connect service. # Clients use this value to do discovery. issuer: http://127.0.0.1:5556/dex # The storage configuration determines where dex stores its state. Supported # options include SQL flavors and Kubernetes third party resources. storage: type: sqlite3 config: file: examples/dex.db # Configuration for the web: http: 127.0.0.1:5556 # HTTPS options are also supported: # https: 127.0.0.1:5554 # tlsCert: /etc/dex/tls.crt # tlsKey: /etc/dex/tls.key # Uncomment this block to enable the gRPC API. # grpc: # addr: 127.0.0.1:5557 # tlsCert: /etc/dex/grpc.crt # tlsKey: /etc/dex/grpc.key # tlsClientCA: /etc/dex/client.crt # Instead of reading from an external storage, use this list of clients. # # If this option isn't choosen clients may be added through the gRPC API. staticClients: - id: example-app redirectURIs: - 'http://127.0.0.1:5555/callback' name: 'Example App' secret: ZXhhbXBsZS1hcHAtc2VjcmV0 connectors: - type: mockCallback id: mock name: Example # - type: oidc # id: google # name: Google # config: # issuer: https://accounts.google.com # # Config values starting with a "$" will read from the environment. # clientID: $GOOGLE_CLIENT_ID # clientSecret: $GOOGLE_CLIENT_SECRET # redirectURI: http://127.0.0.1:5556/dex/callback/google # Let dex keep a list of passwords which can be used to login the user enablePasswordDB: true # A static list of passwords to login the end user. By identifying here, dex # won't look in its underlying storage for passwords. # # If this option isn't choosen users may be added through the gRPC API. staticPasswords: - email: "admin@example.com" # bcrypt hash of the string "password" hash: "$2a$10$2b2cU8CPhOTaGrs1HRQuAueS7JTT5ZHsHSzYiFPm1leZck7Mc8T4W" username: "admin" userID: "08a8684b-db88-4b73-90a9-3cd1661f5466" # Uncomment this block to enable configuration for the expiration time durations. # expiry: # signingKeys: "6h" # idTokens: "24h"