From 0140243bcedcd60e667154da6a7d25c1399b207c Mon Sep 17 00:00:00 2001 From: Nate Waddington Date: Mon, 5 Oct 2020 16:26:20 -0700 Subject: [PATCH 1/3] Updating bitbucketcloud.md file as per changes in PR https://github.com/dexidp/dex/pull/1688 Signed-off-by: Nate Waddington --- content/docs/connectors/bitbucketcloud.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/content/docs/connectors/bitbucketcloud.md b/content/docs/connectors/bitbucketcloud.md index 5c98b86..8b15acd 100644 --- a/content/docs/connectors/bitbucketcloud.md +++ b/content/docs/connectors/bitbucketcloud.md @@ -39,4 +39,8 @@ connectors: # If `teams` is provided, this acts as a whitelist - only the user's Bitbucket teams that are in the configured `teams` below will go into the groups claim. Conversely, if the user is not in any of the configured `teams`, the user will not be authenticated. teams: - my-team + # Optional parameter to include team groups. + # If enabled, the groups claim of dex id_token will looks like this: + # ["my_team", "my_team/administrators", "my_team/members"] + includeTeamGroups: true ``` From 04993e50eb15bf0b88a42a7287a10246ce8eb424 Mon Sep 17 00:00:00 2001 From: Nate Waddington Date: Tue, 6 Oct 2020 08:37:07 -0700 Subject: [PATCH 2/3] updating bitbucketcloud.md copy as per changes introduced in https://github.com/dexidp/dex/pull/1812 Signed-off-by: Nate Waddington --- content/docs/connectors/bitbucketcloud.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/connectors/bitbucketcloud.md b/content/docs/connectors/bitbucketcloud.md index 6398b62..966f00d 100644 --- a/content/docs/connectors/bitbucketcloud.md +++ b/content/docs/connectors/bitbucketcloud.md @@ -18,7 +18,7 @@ When a client redeems a refresh token through dex, dex will re-query Bitbucket t Register a new OAuth consumer with [Bitbucket](https://confluence.atlassian.com/bitbucket/oauth-on-bitbucket-cloud-238027431.html) ensuring the callback URL is `(dex issuer)/callback`. For example if dex is listening at the non-root path `https://auth.example.com/dex` the callback would be `https://auth.example.com/dex/callback`. -The application requires the user to grant the `Read Account` and `Read Team membership` permissions. The latter is required only if group membership is a desired claim. +The application requires the user to grant the `Read Account`. The application requires the user to grant only the `Read Account` permission. The following is an example of a configuration for `examples/config-dev.yaml`: From 5507a59633938c27401f4752dc9f11533f777bc3 Mon Sep 17 00:00:00 2001 From: Nate Waddington Date: Tue, 6 Oct 2020 08:46:50 -0700 Subject: [PATCH 3/3] correcting content update as per https://github.com/dexidp/dex/pull/1812 Signed-off-by: Nate Waddington --- content/docs/connectors/bitbucketcloud.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/docs/connectors/bitbucketcloud.md b/content/docs/connectors/bitbucketcloud.md index 966f00d..8fd7859 100644 --- a/content/docs/connectors/bitbucketcloud.md +++ b/content/docs/connectors/bitbucketcloud.md @@ -18,7 +18,7 @@ When a client redeems a refresh token through dex, dex will re-query Bitbucket t Register a new OAuth consumer with [Bitbucket](https://confluence.atlassian.com/bitbucket/oauth-on-bitbucket-cloud-238027431.html) ensuring the callback URL is `(dex issuer)/callback`. For example if dex is listening at the non-root path `https://auth.example.com/dex` the callback would be `https://auth.example.com/dex/callback`. -The application requires the user to grant the `Read Account`. The application requires the user to grant only the `Read Account` permission. +The application requires the user to grant only the `Read Account` permission. The following is an example of a configuration for `examples/config-dev.yaml`: