doccano: Okta OIDC social login is not available

Problem

The documentation for activating Okta OIDC social authentication indicates that when I set the three following environment variables, the login screen will have an option to authenticate using Okta OIDC:

  1. OAUTH_OKTA_OPENIDCONNECT_KEY
  2. OAUTH_OKTA_OPENIDCONNECT_SECRET
  3. OAUTH_OKTA_OPENIDCONNECT_API_URL

This is not happening.

How to reproduce the behaviour

  1. Run doccano:1.2.1 image with the following command:
docker run --rm --interactive --tty \
    --env SECRET_KEY=REDACTED \
    --env ADMIN_EMAIL=noreply@example.com \
    --env ADMIN_PASSWORD=REDACTED \
    --env ADMIN_USERNAME=admin \
    --env OAUTH_OKTA_OPENIDCONNECT_KEY=REDACTED \
    --env OAUTH_OKTA_OPENIDCONNECT_SECRET=REDACTED \
    --env OAUTH_OKTA_OPENIDCONNECT_API_URL=https://my-identity.okta.com/api \
    --publish 8000:8000 \
    doccano/doccano:1.2.1
  2. Navigate to doccano in your browser at: http://localhost:8000
  3. Select the “login” button at the top-right of the page

Expected behavior

I expect to see the “Login with Okta” option as depicted in this image

Actual behavior

I end up seeing the same login screen/options that I get when I do not configure Okta OIDC social authentication.

My environment

  • I am running the doccano/doccano:1.2.1 Docker image
  • I am running behind an enterprise firewall with SSL packet inspection and an enterprise certificate authority. Other applications can perform Okta OIDC SSO in this environment, but the app eventually needs to recognize the system-installed trusted CA chain. I do not expect this to be the source of this problem before we actually submit login credentials; however, there is a possibility.
  • docker-desktop v20.10.5 on Windows 10
  • Above command issued from WSL version 1, running WSL (version 1 with Ubuntu 18.04 LTS) bash:
$ uname -a
Linux MY-PC 4.4.0-18362-Microsoft #1049-Microsoft Thu Aug 14 12:01:00 PST 2020 x86_64 x86_64 x86_64 GNU/Linux

About this issue

  • State: closed
  • Created 3 years ago
  • Reactions: 3
  • Comments: 21 (7 by maintainers)

Most upvoted comments

Please reopen this issue.

Tried running this with latest…

docker run --interactive --tty \
    --env "ADMIN_EMAIL=noreply@example.com" \
    --env "ADMIN_PASSWORD=password" \
    --env "ADMIN_USERNAME=admin" \
    --env "OAUTH_OKTA_OPENIDCONNECT_KEY=redacted" \
    --env "OAUTH_OKTA_OPENIDCONNECT_SECRET=redacted" \
    --env "OAUTH_OKTA_OPENIDCONNECT_API_URL=x.okta.com" \
    --publish 8000:8000 \
    doccano/doccano

When speaking directly to the backend I get a 500 server error; when speaking to the frontend I get a 404 at social/complete/okta-openidconnect/.

+1 to this. Would love to be able to use OIDC on the new login.

The project since that older commit has a lot of improvements that I’d rather keep, and I’m also not familiar enough with Nuxt / Vue. If I have the bandwidth maybe I’ll try to work on it in the future if it’s not resolved by then.

Our team has put together a PR that adds Okta Login to Doccano (#2079). Currently the login button is hard-coded due to the fact that the Django system and Nuxt.js frontend are separated. But it is working fine on our end so we would like to work with the contributors to get this merged if it helps other people.

This should also help with other social logins as well.

Cheers!

Hi @setu4993, no worries, I was able to resolve the issue by adding the missing scope ‘groups’ in the Okta admin dashboard:

  1. In the Admin Console, go to Security > API.
  2. On the Authorization Servers tab, select the name of the Authorization Server, and then select Scopes.
  3. Select Scopes and then Add Scope.
  4. Enter a Name, Display phrase, and Description.

Thanks for your work on this!

I think it is more or less obvious, but just to mention it: the “Login with Active Directory” button is also missing. Our workaround is to use the endpoint /social/login/azuread-tenant-oauth2/ directly. I don’t know if this will work for Okta or Google though.

Related: https://github.com/doccano/doccano/issues/989

@Vydruth : Hey, sorry, I haven’t had a lot of time to look at this over the last few days. The last version that works for me (and I have set up for) is 6d5bff4bd03c63babe2c7164579d77ff4f0597d1.

I haven’t seen that error before, but from the truncated traceback my guess is it’s likely a configuration / permissions issue. Happy to help you through this if you can share a more detailed traceback.

I’d recommend reaching out over email (see my GitHub profile) to avoid the issue going off-topic.

@yoshiya8 : Thanks for flagging. I don’t think this is a problem at your end, I can reproduce it.

The backend correctly identifies and sets flags for the Okta / other social auth, but unfortunately, it cannot be used with the current version of the Doccano frontend.

What I had built was an integration with the previously used Doccano frontend (that is still under app/server). I can see that since https://github.com/doccano/doccano/commit/362df6373af833bb16ee02a4708db5a811f03d5c the frontend is being pointed to the new Nuxt.JS frontend. That version doesn’t appear to have the ability to use the social auth and doesn’t thus have all of the features that the old UI did. I am not familiar with Nuxt / Vue enough to be able to contribute the changes that’d be required, but if someone can point me to the file(s) that’d need to be touched, I’m happy to take a stab (cc @Hironsan, @icoxfog417).

Additionally, a workaround right now might be to build the Docker container from source, while checking out to an older commit. I tried building the container for 6e76b9586b9c95f27e9432a456f4213d2febef53 and got it to work. (One other change is required in requirements.txt there for it to build and run successfully: pin the max version of pyjwt as pyjwt>=1.7.1,<2.0).
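
A preflight check for the three variables from the report, combined with the direct-endpoint workaround mentioned in the comments. This is an added example, not part of the thread and not doccano's own code. Assumptions: the function names are hypothetical, the https-only and no-embedded-credentials rules are this example's own policy, and the /social/login/okta-openidconnect/ path is inferred from the azuread-tenant-oauth2 endpoint and the social/complete/okta-openidconnect/ path quoted above rather than confirmed for Okta.

```python
import os
from urllib.parse import urlsplit

# The three variables named in the report.
KEY = "OAUTH_OKTA_OPENIDCONNECT_KEY"
SECRET = "OAUTH_OKTA_OPENIDCONNECT_SECRET"
API_URL = "OAUTH_OKTA_OPENIDCONNECT_API_URL"
# Backend name as it appears in the social/complete/okta-openidconnect/ path.
BACKEND = "okta-openidconnect"


def check_okta_env(env):
    """Return a list of problems in the Okta OIDC settings (empty list = none)."""
    problems = []
    for name in (KEY, SECRET, API_URL):
        if not env.get(name, "").strip():
            problems.append(f"{name} is unset or empty")
    url = env.get(API_URL, "").strip()
    if url:
        parts = urlsplit(url)
        # A value without a scheme cannot be requested by an HTTP client, and
        # the client secret should only ever travel over TLS (example policy).
        if parts.scheme != "https":
            problems.append(f"{API_URL} must be an absolute https:// URL")
        elif not parts.hostname:
            problems.append(f"{API_URL} has no host")
        if parts.username or parts.password:
            problems.append(f"{API_URL} must not embed credentials")
        if parts.query or parts.fragment:
            problems.append(f"{API_URL} must not carry a query or fragment")
    return problems


def direct_login_url(base, backend=BACKEND):
    """Build the direct social-login URL for a backend (assumed path pattern)."""
    return f"{base.rstrip('/')}/social/login/{backend}/"


if __name__ == "__main__":
    # Run inside the container, or with the same --env values exported.
    for problem in check_okta_env(os.environ):
        print("config problem:", problem)
    print("direct login:", direct_login_url("http://localhost:8000"))
```

A clean result only means the values are well-formed; it does not make the Nuxt frontend render the button.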