diff --git a/README.md b/README.md index 76cb1ca0..d4e65dc5 100644 --- a/README.md +++ b/README.md @@ -34,6 +34,7 @@ When setting up authentication, the provider will always try to use the key flow ## Key flow To use the key flow, you need to have a service account key and an RSA key-pair. + To configure it, follow this steps: The following instructions assume that you have created a service account and assigned it the necessary permissions, e.g. project.owner. @@ -42,6 +43,8 @@ To configure it, follow this steps: - You can create your own RSA key-pair or have the Portal generate one for you. + **Disclaimer:** as of now, creation of a service account key in the Portal is only available in DEV and QA environments. You can use this flow in these environments by setting the fields `token_custom_endpoint` and `jwks_custom_endpoint` to the corresponding endpoints in the provider block. + 2. Save the content of the service account key and the corresponding private key by copying them or saving them in a file. **Hint:** If you have generated the RSA key-pair using the Portal, you can save the private key in a PEM encoded file by downloading the service account key as a PEM file and using `openssl storeutl -keys > private.key` to extract the private key from the service account key. diff --git a/templates/index.md.tmpl b/templates/index.md.tmpl index e5925a42..d2f7620a 100644 --- a/templates/index.md.tmpl +++ b/templates/index.md.tmpl @@ -42,6 +42,8 @@ To configure it, follow this steps: - You can create your own RSA key-pair or have the Portal generate one for you. +**Disclaimer:** as of now, creation of a service account key in the Portal is only available in DEV and QA environments. You can use this flow in these environments by setting the fields `token_custom_endpoint` and `jwks_custom_endpoint` to the corresponding endpoints in the provider block. + 2. Save the content of the service account key and the corresponding private key by copying them or saving them in a file. **Hint:** If you have generated the RSA key-pair using the Portal, you can save the private key in a PEM encoded file by downloading the service account key as a PEM file and using `openssl storeutl -keys > private.key` to extract the private key from the service account key.