Created by relja on 3/28/2024 in #help
Authentication within Coder workspaces
Hi guys! We have an issue with authentication within workspaces. Specifically, we are making a system where Coder is just one of the tools, and we've set up an SSO auth scheme with Zitadel. As you can imagine, what we want to have is users authenticating just once into Zitadel, and then having access to our entire system. So within the workspace the user should be able to pull his repositories from self-hosted GitLab, and in general have access to all his resources within our system without the need to re-authenticate from within the workspace as well. For that, we need to somehow pass an access token from Coder into the workspace. We know we can do that with the coder_workspace data source, owner_oidc_access_token attribute, but this only works on workspace startup. How do we refresh the access token after it expires? Right now, we have to restart the workspace to get a new valid access token. Another possible solution is to use external auth providers, but there is no Zitadel integration, and anyway, as far as I understand, the intended use case for this is to authenticate the workspace with third-party apps, not the ones we host in our system.
13 replies