Skip to content

Allow login from openapi spec page

In https://gitlab.hzdr.de/hub-terra/sms/backend/-/merge_requests/345 we add the ability to login from the openapi page, so that there is no need to figure out the token when interacting with the api alone.

While the functionality itself is done in this Merge request in the backend repo, we still need to make some adjustments in the orchestration repo.

Basically we need to add the following env variables for the backend in the orch repos docker-compose files:

      PKCE_SCOPES: ${NUXT_ENV_SCOPE:-openid profile mail}
      PKCE_CLIENT_ID: ${NUXT_ENV_CLIENT_ID:-rdmsvm-implicit-flow}
      BACKEND_REDIRECT_URI: ${SMS_BACKEND_URL}/login-callback

Additionally, we need to make sure that we login on the prod helmholtz IDP when using the prod instance of the sms. (@kotyba.alhaj-taha Maybe it is similar for the UFZ instance).

And we must make sure that the IDP accepts the redirect url for all the enviroments:

  • local-dev
  • staging-dev
  • staging
  • prod

(For the GFZ case: I already added the redirect url for local dev; staging-dev could work out of the box, I don't expect staging and prod to do so).

A HIFIS Service | Privacy | Imprint | Support | Documentation | Changelog