Qt Insight uses OAuth to authenticate users. For this to work, you will need to configure an external identity provider.

1. Copy the client ID and client secret from the identity provider. These are required by the Qt Insight Private Cloud installation.
2. Configure the callback URLs in the identity provider configuration as follows:
   • Login: <Insight Console URI>/api/v1/oauth/callback/openid
   • Logout: <Insight Console URI>/api/v1/auth/postlogout
3. Designate one or more users to be Qt Insight administrators. These users will have access to an admin panel where they can manage organizations in the Qt Insight Private Cloud. The emails of these users will be added to the Terraform configuration.

Setting up Auth0

The following example uses Auth0 as the identity provider. However, any OAuth2-compliant identity provider, such as Active Directory or AWS Cognito, can be used.

1. Create an application for Qt Insight.

   

   Qt Insight backend uses the OAuth2 authorization code flow. On Auth0, this can be implemented using the Regular Web Application template.

2. Copy client ID, client secret, and issuer address from the application.

   

   Note: In Auth0, the issuer address is called a Domain. Your identity provider may use different terminology.

3. Add the application configuration.

   

   You will need to configure at least the allowed callback URL and the allowed logout URL.