feat: Add new env vars for sso provisioning configuration (#20749)

Stephen Wright 2025-10-14 10:18:32 +01:00 committed by GitHub
parent 64ad7586c6
commit 28a4e2c418
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 40 additions and 0 deletions


@ -1,5 +1,7 @@
import { Config, Env, Nested } from '../decorators';
type ScopesProvisioningFrequency = 'never' | 'first_login' | 'every_login';
@Config
class SamlConfig {
/** Whether to enable SAML SSO. */
@ -27,6 +29,33 @@ class LdapConfig {
loginLabel: string = '';
}
@Config
class ProvisioningConfig {
/** Whether to provision the instance role from an SSO auth claim */
@Env('N8N_SSO_SCOPES_PROVISION_INSTANCE_ROLE')
scopesProvisionInstanceRole: boolean = false;
/** Whether to provision the project <> role mappings from an SSO auth claim */
@Env('N8N_SSO_SCOPES_PROVISION_PROJECT_ROLES')
scopesProvisionProjectRoles: boolean = false;
/** How often to trigger provisioning, never, fist login, or every login */
@Env('N8N_SSO_SCOPES_PROVISIONING_FREQUENCY')
scopesProvisioningFrequency: ScopesProvisioningFrequency = 'never';
/** The name of scope to request on oauth flows */
@Env('N8N_SSO_SCOPES_NAME')
scopesName: string = 'n8n';
/** The name of the expected claim to be returned for provisioning instance role */
@Env('N8N_SSO_SCOPES_INSTANCE_ROLE_CLAIM_NAME')
scopesInstanceRoleClaimName: string = 'n8n_instance_role';
/** The name of the expected claim to be returned for provisioning project <> role mappings */
@Env('N8N_SSO_SCOPES_PROJECTS_ROLES_CLAIM_NAME')
scopesProjectsRolesClaimName: string = 'n8n_projects';
}
@Config
export class SsoConfig {
/** Whether to create users when they log in via SSO. */
@ -45,4 +74,7 @@ export class SsoConfig {
@Nested
ldap: LdapConfig;
@Nested
provisioning: ProvisioningConfig;
}
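Review bot: `scopesProvisioningFrequency` under `@Env('N8N_SSO_SCOPES_PROVISIONING_FREQUENCY')` is typed as `ScopesProvisioningFrequency`, but that union is erased at compile time. Unless the `@Env` decorator validates the string (not visible in this hunk), a misspelt value such as `everylogin` (constructed example) would be stored as-is. This setting gates when role claims from the identity provider are applied to the instance role and project roles, so the loader should reject anything outside `'never' | 'first_login' | 'every_login'` and fall back to `'never'`. The two boolean flags and the frequency also interact, and the doc comments should say what happens when a flag is `true` while the frequency is still `'never'`. The comment on the frequency field has a typo ("fist login"); it should read `/** How often to trigger provisioning: never, first login, or every login */`.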


@ -368,6 +368,14 @@ describe('GlobalConfig', () => {
loginEnabled: false,
loginLabel: '',
},
provisioning: {
scopesProvisionInstanceRole: false,
scopesProvisionProjectRoles: false,
scopesProvisioningFrequency: 'never',
scopesName: 'n8n',
scopesInstanceRoleClaimName: 'n8n_instance_role',
scopesProjectsRolesClaimName: 'n8n_projects',
},
},
redis: {
prefix: 'n8n',