Skip to main content

Authentication

SolidPing supports multiple authentication methods for user sign-in.

Email/Password

The default authentication method. Users register with an email and password.

Restricting Registration

Limit who can register by email pattern:

# Only allow company emails
SP_AUTH_REGISTRATION_EMAIL_PATTERN=@yourcompany\.com$

# Allow multiple domains
SP_AUTH_REGISTRATION_EMAIL_PATTERN=@(yourcompany|partner)\.com$

JWT Configuration

# Set a strong secret for JWT signing (auto-generated if not set)
SP_AUTH_JWT_SECRET=your-secure-random-secret-at-least-32-chars
Production

Always set SP_AUTH_JWT_SECRET in production. If left unset, a random secret is generated on each restart, invalidating all existing sessions.

OAuth Providers

SolidPing supports OAuth2 authentication with major identity providers. Set both _CLIENT_ID and _CLIENT_SECRET to enable each provider.

Google

SP_GOOGLE_CLIENT_ID=your-client-id.apps.googleusercontent.com
SP_GOOGLE_CLIENT_SECRET=your-client-secret

Setup:

  1. Go to Google Cloud Console
  2. Create a new OAuth 2.0 Client ID
  3. Set authorized redirect URI to {SP_BASE_URL}/api/v1/auth/google/callback

GitHub

SP_GITHUB_CLIENT_ID=your-github-client-id
SP_GITHUB_CLIENT_SECRET=your-github-client-secret

Setup:

  1. Go to GitHub Developer Settings
  2. Create a new OAuth App
  3. Set authorization callback URL to {SP_BASE_URL}/api/v1/auth/github/callback

GitLab

SP_GITLAB_CLIENT_ID=your-gitlab-client-id
SP_GITLAB_CLIENT_SECRET=your-gitlab-client-secret

Setup:

  1. Go to GitLab → Preferences → Applications
  2. Create a new application
  3. Set redirect URI to {SP_BASE_URL}/api/v1/auth/gitlab/callback
  4. Select scopes: read_user, openid

Microsoft

SP_MICROSOFT_CLIENT_ID=your-microsoft-client-id
SP_MICROSOFT_CLIENT_SECRET=your-microsoft-client-secret

Setup:

  1. Go to Azure App Registrations
  2. Register a new application
  3. Add redirect URI: {SP_BASE_URL}/api/v1/auth/microsoft/callback
  4. Create a client secret under "Certificates & secrets"

Configuration File

auth:
  jwt_secret: your-secure-random-secret
  registration_email_pattern: "@yourcompany\\.com$"

google:
  client_id: your-google-client-id
  client_secret: your-google-client-secret

github:
  client_id: your-github-client-id
  client_secret: your-github-client-secret

gitlab:
  client_id: your-gitlab-client-id
  client_secret: your-gitlab-client-secret

microsoft:
  client_id: your-microsoft-client-id
  client_secret: your-microsoft-client-secret