Document login client ID setting for OAuth invite flow#4940
Merged
Conversation
✅ Deploy Preview for viam-docs ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
App PR viamrobotics/app#11652 added a Login client ID field to organization settings that designates which OAuth app is used for the login and invite flow. The previous behavior of automatically using the first registered OAuth app was removed. Invite links now show the organization's logo on the branded login screen. Add a new "Designate a login client ID" section to the OAuth setup guide covering the UI navigation, validation requirements, and the resulting invite flow behavior.
shannonbradshaw
force-pushed
the
claude/oauth-login-client-id
branch
from
382f389 to
d7e0a3a
Compare
Two corrections to the prior draft, both verified against the source commit (app#11652, ccfeb836f). The prior draft claimed that setting Login client ID causes invite links to "pass your organization's logo URL to the login screen." That is the wrong way around. Reading page/accept_invite.go after the commit: - LoginClientID set, GetCustomLoginURL succeeds: redirect to FusionAuth's /oauth2/authorize for the OAuth app. logo_url is NOT appended; the OAuth app's own branding (configured in FusionAuth) drives the screen. - LoginClientID empty: redirect to Viam's default /login with addLogoURL appended. So the org logo gets passed via logo_url on the DEFAULT-login path, not the custom-login path. The actual user-visible feature in this commit is that Viam's default invite-login screen now shows the org's logo when one is uploaded. The prior draft also missed the behavior change for orgs that already had OAuth apps. The condition flipped from "any registered OAuth app exists" to "LoginClientID is explicitly set," so orgs that previously got a custom login screen automatically now fall back to Viam's default until they set this field. Added a short callout. Also softened the redirect-URI requirement: it is added automatically on OAuth app creation (server_helper.go:591-593), so the prior phrasing overstated how often a user might need to handle it manually. Verified against: - app/page/accept_invite.go (post-ccfeb836f) - app/data/models.go GetCustomLoginURL, GetFusionAuthClientID - app/data/data.go ThirdPartyConfigSetLoginClientID redirect-URI check - app/domains/service/server_helper.go acceptInviteRedirectURI auto-append - app/ui/src/routes/.../white-labeling.svelte for the field's hasOAuthApps gate and help-text
The prior draft (and my previous edit) carried "Settings and invites" as
a menu item. The actual menu item is "Settings." The string "Settings
and invites" appears only once in the entire app/ui/src tree, as inline
prose in fleet/.../members/section.svelte:45 referring to the same
destination — not as a label anywhere in navigation.
Re-verified every UI string on this section against the source:
- Org dropdown button text: the current org name (org-menu.svelte:71)
- Menu item: "Settings" linking to /organization/{id}/settings
(org-menu.svelte:90)
- Page heading: "Settings" (settings/+page.svelte:40)
- Section heading: "White Labeling" (white-labeling.svelte:169)
- Field label: "Login client ID" (white-labeling.svelte:230)
- Help text under the field: "The OAuth app used for custom login and
invite flows. Must be one of: ..." (white-labeling.svelte:246)
- Save button: "Save" (white-labeling.svelte:242)
- Conditional render: only when at least one OAuth app exists
({#if hasOAuthApps}, white-labeling.svelte:225)
|
🔎💬 Inkeep AI search and chat service is syncing content for source 'Viam Docs' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Source changes
ClientIDsarray). Now,LoginClientIDmust be set explicitly; otherwise invite links fall back to Viam's default login screen.logo_urlquery parameter.Docs changes
docs/organization/oauth.md: Added a new## Designate a login client IDsection after "Set up auth app" covering:How I found these
LoginClientID; the OAuth setup flow lives indocs/organization/oauth.md.LoginClientIDandlogin client IDfound zero matches in docs;FusionAuthmatched 4 files, only oauth.md is about OAuth setup.ClientIDs,client_ids,OAuthLoginClientIDin docs (zero matches).app/ui/src/routes/(auth-required)/organization/[org_id]/settings/white-labeling.sveltereadsLogin client IDunder theWhite Labelingheading.Generated by daily docs change agent