{"id":22268093,"url":"https://github.com/curityio/account-linking-recipes","last_synced_at":"2025-03-25T14:45:00.854Z","repository":{"id":74437426,"uuid":"550696469","full_name":"curityio/account-linking-recipes","owner":"curityio","description":"How to link account records together, then use a consistent access token identity in calls to APIs","archived":false,"fork":false,"pushed_at":"2024-11-05T12:51:30.000Z","size":1701,"stargazers_count":1,"open_issues_count":1,"forks_count":0,"subscribers_count":4,"default_branch":"main","last_synced_at":"2025-01-30T13:29:34.275Z","etag":null,"topics":["account-linking","authentication","authentication-action","oauth2","openid-connect","passkeys","use-case"],"latest_commit_sha":null,"homepage":"https://curity.io/resources/learn/account-linking-recipes/","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/curityio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-13T07:17:51.000Z","updated_at":"2024-11-05T12:51:32.000Z","dependencies_parsed_at":"2024-03-25T10:01:22.760Z","dependency_job_id":"1699b744-2f7f-4db1-9854-ca97f572b540","html_url":"https://github.com/curityio/account-linking-recipes","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Faccount-linking-recipes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Faccount-linking-recipes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Faccount-linking-recipes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/curityio%2Faccount-linking-recipes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/curityio","download_url":"https://codeload.github.com/curityio/account-linking-recipes/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245485724,"owners_count":20623237,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["account-linking","authentication","authentication-action","oauth2","openid-connect","passkeys","use-case"],"created_at":"2024-12-03T11:11:05.688Z","updated_at":"2025-03-25T14:44:55.836Z","avatar_url":"https://github.com/curityio.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Account Linking Recipes\n\nDemonstrates techniques for handling user accounts and access token identities.\\\nOnce each recipe is understood, it can also be adapted to other authentication providers.\\\nWhen required, the use of actions can scale to provide solutions to complex problems.\n\n## Prerequisites\n\n- Ensure that Docker is installed\n- Copy a license file for the Curity Identity Server to the root folder\n- Install the ngrok tool to enable the use of online OAuth Tools for testing\n\nAlso, ensure that your computer's Curity Docker image is up to date:\n\n```bash\ndocker pull curity.azurecr.io/curity/idsvr\n```\n\n## Deployed System\n\nThe deployed system uses as Admin UI at `https://localhost:6749/admin` with a login of `admin / Password1`.\\\nUse the Admin UI if you want to inspect the configuration, to understand the use of actions.\n\n## Use Case 1: Default Passwords\n\nConfigure this use case with the following setup, to use default username and password based authentication:\n\n```bash\nexport USE_NGROK=true\n./deploy.sh\n./apply-use-case.sh ./config/1-configure-default-passwords.xml\n```\n\nThe [Default Identity Behavior](doc/1-default-behavior.md) document explains this flow and its associated data.\n\n## Use Case 2: Add an Extra Login Method\n\nNext use Google as an extra login method, and link Google identities to accounts for existing and new users.\\\nTo test this scenario, redeploy the system with extra configuration:\n\n```bash\nexport USE_NGROK=true\nexport GOOGLE_CLIENT_ID='myclientid'\nexport GOOGLE_CLIENT_SECRET='myclientsecret'\n./deploy.sh\n./apply-use-case.sh ./config/2-configure-extra-login-method.xml\n```\n\nThe [Extra Login Identity Behavior](doc/2-extra-login-behavior.md) document explains this flow and its associated data.\n\n## Use Case 3: Use External Accounts\n\nThis scenario does not use the default password option and instead manages logins via Azure Active Directory.\\\nThe Azure AD identity becomes the main account, and other accounts can link to it:\n\n```bash\nexport USE_NGROK=true\nexport AZURE_AD_METADATA_URL='https://login.microsoftonline.com/mytenantid/v2.0/.well-known/openid-configuration'\nexport AZURE_AD_CLIENT_ID='myclientid'\nexport AZURE_AD_CLIENT_SECRET='myclientsecret'\n./deploy.sh \n./apply-use-case.sh ./config/3-configure-external-accounts.xml\n```\n\nThe [External Account Identity Behavior](doc/3-external-account-behavior.md) document explains this flow and its associated data.\n\n## Use Case 4: Migrating to Passkeys\n\nThis scenario demonstrates an opt-in migration from passwords to passkeys.\\\nUsers can upgrade to passkeys, or continue to use passwords if they prefer.\\\nThe solution uses dynamic logic to identify the user's authentication method.\n\n```bash\nexport USE_NGROK=true\n./deploy.sh\n./apply-use-case.sh ./config/4-configure-migrating-to-passkeys.xml\n```\n\nThe [Migrating to Passkeys Behavior](doc/4-migrating-to-passkeys.md) document explains this flow and its associated data.\n\n## Free Resources\n\nRun the following script to free up all Docker resources once you have finished testing:\n\n```bash\n./teardown.sh\n```\n\n## Website Documentation\n\nSee the [Account Linking Recipes](https://curity.io/resources/learn/account-linking-recipes) website articles for the main documentation.\n\n## More Information\n\nPlease visit [curity.io](https://curity.io/) for more information about the Curity Identity Server.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Faccount-linking-recipes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcurityio%2Faccount-linking-recipes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcurityio%2Faccount-linking-recipes/lists"}