Use the following guide to set Predefined application in case when in Select your billing system field of Billing tab in KuberDock settings - No Billing is chosen.
With such configuration, authorization token must be sent to KuberDock (not to billing system) to allow user start predefined application and get access to KuberDock.
We use JSON Web Tokens (JWT, jwt.io) for authentication. To generate correct token, use libraries for different programming languages provided on jwt.io. Find detailed information about JSON Web Tokens in official documentation available on the link jwt.io/introduction.
For work with predefined applications perform the following steps:
Note that we recommend to use libraries available on jwt.io to generate JSON Web Token.
1. In header section to be transmitted:
•“alg": encrypting algorithm, HS256 is recommended;
•“exp”: expiration time (read more here), unix timestamp;
•“iat”: issued at (read more here), unix timestamp.
2. In payload section to be submitted:
•"auth": must be true, log in or create user;
•"username": enter username for new or existing user in KuberDock.
Additional fields required only if user doesn't exist in KuberDock yet:
•“email”: users` email;
•“passwords”: users` password.
Optional fields only for new user in KuberDock. User will be created with the data from this fields, otherwise data will be:
•“package”: id of package that will be applied to the user, read more about packages here;
•“rolename”: user role in KuberDock, available user roles here;
•"first_name": user first name;
•"last_name": user last name;
•"middle_initials": user middle initials;
•"timezone": ""America/New_York (-04:00)"".
“email”: “[email protected]”,
“timezone”: ““America/New_York (-04:00)””
3. In KuberDock go to Settings, choose Generals tabs. In Secret key for Single sign-on field enter your secret key value. It must be shared between KuberDock and application that will send users to KuberDock.Single Sign On allows a user to log in to your own application (control panel, billing, etc) and then it is "automatically" signes in to KuberDock.
5. Check token generation validity on jwt.io - enter encrypted token in Encoded field, enter your secret key in VERIFY SIGNATURE field. If everything is correct, then Signature Verified message will be displayed.
6. In KuberDock go to Predefined applications page and copy the link to proper application.
7. Add your encrypted token to Predefined application link, to make link look as follows:
https://kuberdock.master/apps/12269deccf6ffe3f12ebaa7d481dbb4133bb98f1 - link to predefined application;
?token2= - GET parameter in URL;
eyJhbGciOiJIUzI1NiIsImV4cCI6MTQ2ODUyMDM2NCwiaWF0IjoxNDY4NDg4ODEyfQ.eyJ1c2VybmFtZSI6InduY20iLCJhdXRoIjp0cnVlfQ.R4upTWJC4NT2AD8RYfNAjzdmxiGQFRGQ5CCk8ALRvxw - encoded JSON Web Token.
The link is ready for use.