diff --git a/docs/cli/federated-graph/fetch.mdx b/docs/cli/federated-graph/fetch.mdx index 5fef9f9f..fc71e478 100644 --- a/docs/cli/federated-graph/fetch.mdx +++ b/docs/cli/federated-graph/fetch.mdx @@ -33,7 +33,7 @@ The `npx wgc federated-graph fetch` command allows you to download the latest va This mode will help smooth migration from the Apollo router to the WunderGraph Cosmo router. Initially, the users can use the schema registry from Cosmo and use this mode to update their routers/gateways. Later they can move from Apollo Router/Gateway to WunderGraph Router. - Apollo Compatibility + Diagram showing Cosmo Schema Registry and WGC CLI generating an Apollo-compatible supergraph for the Apollo Router/Gateway, updated via webhook on schema change. ## Output diff --git a/docs/images/concepts/image-1.png b/docs/images/concepts/image-1.png deleted file mode 100644 index 24a582bf..00000000 Binary files a/docs/images/concepts/image-1.png and /dev/null differ diff --git a/docs/images/concepts/image-2.png b/docs/images/concepts/image-2.png deleted file mode 100644 index 7f527b15..00000000 Binary files a/docs/images/concepts/image-2.png and /dev/null differ diff --git a/docs/images/image-6.png b/docs/images/image-6.png deleted file mode 100644 index 3a206c81..00000000 Binary files a/docs/images/image-6.png and /dev/null differ diff --git a/docs/images/image-7.png b/docs/images/image-7.png deleted file mode 100644 index ed31a0a8..00000000 Binary files a/docs/images/image-7.png and /dev/null differ diff --git a/docs/images/image.png b/docs/images/image.png deleted file mode 100644 index ae92d28f..00000000 Binary files a/docs/images/image.png and /dev/null differ diff --git a/docs/images/studio/organization-settings-with-ai-and-rbac.png b/docs/images/studio/organization-settings-with-ai-and-rbac.png new file mode 100644 index 00000000..01d77638 Binary files /dev/null and b/docs/images/studio/organization-settings-with-ai-and-rbac.png differ diff --git a/docs/images/studio/sso/add-claims-tab.png b/docs/images/studio/sso/access-policies-with-token-preview.png similarity index 100% rename from docs/images/studio/sso/add-claims-tab.png rename to docs/images/studio/sso/access-policies-with-token-preview.png diff --git a/docs/images/studio/sso/image-31.png b/docs/images/studio/sso/access-settings-for-redirect-urls.png similarity index 100% rename from docs/images/studio/sso/image-31.png rename to docs/images/studio/sso/access-settings-for-redirect-urls.png diff --git a/docs/images/studio/sso/image-13.png b/docs/images/studio/sso/add-claim-dialog-for-group-filters.png similarity index 100% rename from docs/images/studio/sso/image-13.png rename to docs/images/studio/sso/add-claim-dialog-for-group-filters.png diff --git a/docs/images/studio/sso/image-46.png b/docs/images/studio/sso/add-microsoft-graph-api-permissions.png similarity index 100% rename from docs/images/studio/sso/image-46.png rename to docs/images/studio/sso/add-microsoft-graph-api-permissions.png diff --git a/docs/images/studio/sso/image-44.png b/docs/images/studio/sso/add-redirect-uri-in-azure-ad-registration.png similarity index 100% rename from docs/images/studio/sso/image-44.png rename to docs/images/studio/sso/add-redirect-uri-in-azure-ad-registration.png diff --git a/docs/images/studio/sso/image-47.png b/docs/images/studio/sso/add-user-or-group-in-entra.png similarity index 100% rename from docs/images/studio/sso/image-47.png rename to docs/images/studio/sso/add-user-or-group-in-entra.png diff --git a/docs/images/studio/sso/image-15.png b/docs/images/studio/sso/app-basic-info-with-name-and-domain.png similarity index 100% rename from docs/images/studio/sso/image-15.png rename to docs/images/studio/sso/app-basic-info-with-name-and-domain.png diff --git a/docs/images/studio/sso/integration-name.png b/docs/images/studio/sso/app-integration-name-settings.png similarity index 100% rename from docs/images/studio/sso/integration-name.png rename to docs/images/studio/sso/app-integration-name-settings.png diff --git a/docs/images/studio/sso/image-36.png b/docs/images/studio/sso/app-registrations-list-in-entra.png similarity index 100% rename from docs/images/studio/sso/image-36.png rename to docs/images/studio/sso/app-registrations-list-in-entra.png diff --git a/docs/images/studio/sso/image-20.png b/docs/images/studio/sso/application-uri-configuration.png similarity index 100% rename from docs/images/studio/sso/image-20.png rename to docs/images/studio/sso/application-uri-configuration.png diff --git a/docs/images/studio/sso/integration-assignments.png b/docs/images/studio/sso/assign-controlled-access-to-app.png similarity index 100% rename from docs/images/studio/sso/integration-assignments.png rename to docs/images/studio/sso/assign-controlled-access-to-app.png diff --git a/docs/images/studio/sso/image-38.png b/docs/images/studio/sso/certificates-secrets-with-new-client-secret.png similarity index 100% rename from docs/images/studio/sso/image-38.png rename to docs/images/studio/sso/certificates-secrets-with-new-client-secret.png diff --git a/docs/images/studio/sso/image-25.png b/docs/images/studio/sso/client-authenticator-with-id-and-secret.png similarity index 100% rename from docs/images/studio/sso/image-25.png rename to docs/images/studio/sso/client-authenticator-with-id-and-secret.png diff --git a/docs/images/studio/sso/copy-client-credentials.png b/docs/images/studio/sso/client-credentials-editing-view.png similarity index 100% rename from docs/images/studio/sso/copy-client-credentials.png rename to docs/images/studio/sso/client-credentials-editing-view.png diff --git a/docs/images/studio/sso/image-32.png b/docs/images/studio/sso/client-scope-with-no-mappers-configured.png similarity index 100% rename from docs/images/studio/sso/image-32.png rename to docs/images/studio/sso/client-scope-with-no-mappers-configured.png diff --git a/docs/images/studio/sso/image-41.png b/docs/images/studio/sso/configure-group-mappers-for-roles.png similarity index 100% rename from docs/images/studio/sso/image-41.png rename to docs/images/studio/sso/configure-group-mappers-for-roles.png diff --git a/docs/images/studio/sso/image-40.png b/docs/images/studio/sso/connect-openid-provider-for-organization.png similarity index 100% rename from docs/images/studio/sso/image-40.png rename to docs/images/studio/sso/connect-openid-provider-for-organization.png diff --git a/docs/images/studio/sso/image-24.png b/docs/images/studio/sso/create-client-settings-overview.png similarity index 100% rename from docs/images/studio/sso/image-24.png rename to docs/images/studio/sso/create-client-settings-overview.png diff --git a/docs/images/studio/sso/image-35.png b/docs/images/studio/sso/create-custom-application-in-entra.png similarity index 100% rename from docs/images/studio/sso/image-35.png rename to docs/images/studio/sso/create-custom-application-in-entra.png diff --git a/docs/images/studio/sso/image-14.png b/docs/images/studio/sso/create-native-app-named-my-app.png similarity index 100% rename from docs/images/studio/sso/image-14.png rename to docs/images/studio/sso/create-native-app-named-my-app.png diff --git a/docs/images/studio/sso/image-34.png b/docs/images/studio/sso/create-new-app-in-microsoft-entra.png similarity index 100% rename from docs/images/studio/sso/image-34.png rename to docs/images/studio/sso/create-new-app-in-microsoft-entra.png diff --git a/docs/images/studio/sso/create-app-integration.png b/docs/images/studio/sso/create-new-app-integration-setup.png similarity index 100% rename from docs/images/studio/sso/create-app-integration.png rename to docs/images/studio/sso/create-new-app-integration-setup.png diff --git a/docs/images/studio/sso/image-49.png b/docs/images/studio/sso/create-new-user-form-in-entra.png similarity index 100% rename from docs/images/studio/sso/image-49.png rename to docs/images/studio/sso/create-new-user-form-in-entra.png diff --git a/docs/images/studio/sso/image-48.png b/docs/images/studio/sso/create-new-user-in-entra.png similarity index 100% rename from docs/images/studio/sso/image-48.png rename to docs/images/studio/sso/create-new-user-in-entra.png diff --git a/docs/images/studio/sso/image-23.png b/docs/images/studio/sso/create-openid-connect-client.png similarity index 100% rename from docs/images/studio/sso/image-23.png rename to docs/images/studio/sso/create-openid-connect-client.png diff --git a/docs/images/studio/sso/metadata-uri.png b/docs/images/studio/sso/default-authorization-server-metadata.png similarity index 100% rename from docs/images/studio/sso/metadata-uri.png rename to docs/images/studio/sso/default-authorization-server-metadata.png diff --git a/docs/images/studio/sso/api-menu.png b/docs/images/studio/sso/edit-client-credentials-for-web-app.png similarity index 100% rename from docs/images/studio/sso/api-menu.png rename to docs/images/studio/sso/edit-client-credentials-for-web-app.png diff --git a/docs/images/studio/sso/image-21.png b/docs/images/studio/sso/empty-library-page.png similarity index 100% rename from docs/images/studio/sso/image-21.png rename to docs/images/studio/sso/empty-library-page.png diff --git a/docs/images/studio/sso/image-33.png b/docs/images/studio/sso/group-membership-mapper-configuration.png similarity index 100% rename from docs/images/studio/sso/image-33.png rename to docs/images/studio/sso/group-membership-mapper-configuration.png diff --git a/docs/images/studio/sso/map-oidc-groups.png b/docs/images/studio/sso/group-to-role-mapping-dialog.png similarity index 100% rename from docs/images/studio/sso/map-oidc-groups.png rename to docs/images/studio/sso/group-to-role-mapping-dialog.png diff --git a/docs/images/studio/sso/image-42.png b/docs/images/studio/sso/groups-list-in-microsoft-entra.png similarity index 100% rename from docs/images/studio/sso/image-42.png rename to docs/images/studio/sso/groups-list-in-microsoft-entra.png diff --git a/docs/images/studio/sso/image-27.png b/docs/images/studio/sso/image-27.png deleted file mode 100644 index 575442f0..00000000 Binary files a/docs/images/studio/sso/image-27.png and /dev/null differ diff --git a/docs/images/studio/sso/image-28.png b/docs/images/studio/sso/image-28.png deleted file mode 100644 index 057cdc6b..00000000 Binary files a/docs/images/studio/sso/image-28.png and /dev/null differ diff --git a/docs/images/studio/sso/image-29.png b/docs/images/studio/sso/image-29.png deleted file mode 100644 index 040c5afb..00000000 Binary files a/docs/images/studio/sso/image-29.png and /dev/null differ diff --git a/docs/images/studio/sso/image-30.png b/docs/images/studio/sso/image-30.png deleted file mode 100644 index 36a922dc..00000000 Binary files a/docs/images/studio/sso/image-30.png and /dev/null differ diff --git a/docs/images/studio/sso/image-39.png b/docs/images/studio/sso/image-39.png deleted file mode 100644 index 19d3e2f9..00000000 Binary files a/docs/images/studio/sso/image-39.png and /dev/null differ diff --git a/docs/images/studio/sso/image-43.png b/docs/images/studio/sso/image-43.png deleted file mode 100644 index 553935c7..00000000 Binary files a/docs/images/studio/sso/image-43.png and /dev/null differ diff --git a/docs/images/studio/sso/image-11.png b/docs/images/studio/sso/login-configuration-with-redirect-urls.png similarity index 100% rename from docs/images/studio/sso/image-11.png rename to docs/images/studio/sso/login-configuration-with-redirect-urls.png diff --git a/docs/images/studio/sso/image-22.png b/docs/images/studio/sso/login-flow-customization.png similarity index 100% rename from docs/images/studio/sso/image-22.png rename to docs/images/studio/sso/login-flow-customization.png diff --git a/docs/images/studio/sso/image-50.png b/docs/images/studio/sso/new-user-creation-form-in-entra.png similarity index 100% rename from docs/images/studio/sso/image-50.png rename to docs/images/studio/sso/new-user-creation-form-in-entra.png diff --git a/docs/images/studio/sso/connect-oidc-dialog.png b/docs/images/studio/sso/oidc-provider-configuration-form.png similarity index 100% rename from docs/images/studio/sso/connect-oidc-dialog.png rename to docs/images/studio/sso/oidc-provider-configuration-form.png diff --git a/docs/images/studio/sso/connect-oidc-success.png b/docs/images/studio/sso/oidc-provider-configuration-steps.png similarity index 100% rename from docs/images/studio/sso/connect-oidc-success.png rename to docs/images/studio/sso/oidc-provider-configuration-steps.png diff --git a/docs/images/studio/sso/image-16.png b/docs/images/studio/sso/oidc-provider-connection-in-org-settings.png similarity index 100% rename from docs/images/studio/sso/image-16.png rename to docs/images/studio/sso/oidc-provider-connection-in-org-settings.png diff --git a/docs/images/studio/sso/image-19.png b/docs/images/studio/sso/oidc-provider-redirect-setup.png similarity index 100% rename from docs/images/studio/sso/image-19.png rename to docs/images/studio/sso/oidc-provider-redirect-setup.png diff --git a/docs/images/studio/sso/image-26.png b/docs/images/studio/sso/openid-and-saml-metadata-settings.png similarity index 100% rename from docs/images/studio/sso/image-26.png rename to docs/images/studio/sso/openid-and-saml-metadata-settings.png diff --git a/docs/images/studio/sso/image-37.png b/docs/images/studio/sso/openid-connect-metadata-in-entra.png similarity index 100% rename from docs/images/studio/sso/image-37.png rename to docs/images/studio/sso/openid-connect-metadata-in-entra.png diff --git a/docs/images/studio/sso/connect_oidc.png b/docs/images/studio/sso/organization-settings-with-ai-rbac-scim.png similarity index 100% rename from docs/images/studio/sso/connect_oidc.png rename to docs/images/studio/sso/organization-settings-with-ai-rbac-scim.png diff --git a/docs/images/studio/sso/image-45.png b/docs/images/studio/sso/token-configuration-with-group-claims.png similarity index 100% rename from docs/images/studio/sso/image-45.png rename to docs/images/studio/sso/token-configuration-with-group-claims.png diff --git a/docs/images/tutorial/apollo-compatibility-mode.png b/docs/images/tutorial/apollo-compatibility-cosmo-with-apollo-router-gateway.png similarity index 100% rename from docs/images/tutorial/apollo-compatibility-mode.png rename to docs/images/tutorial/apollo-compatibility-cosmo-with-apollo-router-gateway.png diff --git a/docs/images/tutorial/image-3.png b/docs/images/tutorial/apollo-router-and-gateway-architecture.png similarity index 100% rename from docs/images/tutorial/image-3.png rename to docs/images/tutorial/apollo-router-and-gateway-architecture.png diff --git a/docs/images/tutorial/github-integration.png b/docs/images/tutorial/github-integration-subgraph-checks-in-pr.png similarity index 100% rename from docs/images/tutorial/github-integration.png rename to docs/images/tutorial/github-integration-subgraph-checks-in-pr.png diff --git a/docs/images/tutorial/image-2.png b/docs/images/tutorial/playground-option-in-feature-flags.png similarity index 100% rename from docs/images/tutorial/image-2.png rename to docs/images/tutorial/playground-option-in-feature-flags.png diff --git a/docs/images/tutorial/image-1.png b/docs/images/tutorial/schema-checks-with-success-and-failure.png similarity index 100% rename from docs/images/tutorial/image-1.png rename to docs/images/tutorial/schema-checks-with-success-and-failure.png diff --git a/docs/studio/cosmo-ai.mdx b/docs/studio/cosmo-ai.mdx index f8091920..58214a81 100644 --- a/docs/studio/cosmo-ai.mdx +++ b/docs/studio/cosmo-ai.mdx @@ -25,7 +25,9 @@ You can run "[wgc subgraph fix](/cli/subgraph/fix)" to get a possible solution f Navigate to your organization settings and click on "Enable" in the "Cosmo AI" section. By clicking this button, you agree to the terms described above. - + Organization settings with options for generative AI documentation and RBAC controls ## Demo diff --git a/docs/studio/sso/auth0.mdx b/docs/studio/sso/auth0.mdx index 5365bfd1..3e7d18c6 100644 --- a/docs/studio/sso/auth0.mdx +++ b/docs/studio/sso/auth0.mdx @@ -17,15 +17,25 @@ description: "Setting up SSO with Auth0" A dialog will open, give the app a name, select the type of application and then click on the **Create** button. - - + Creating a new Native application named My App + + Once the app is created, navigate to the Setting tab. Now copy the **Domain**, **Client ID** and **Client Secret**. - - - + + Basic Information section showing app name My App and development domain + + Navigate to the settings page on Cosmo. @@ -34,43 +44,71 @@ description: "Setting up SSO with Auth0" * Click on **Connect.** - + Organization settings showing name, slug, and status of AI, RBAC, and SCIM features + - Give the connection a name, the **Discovery Endpoint** will be `https://YOUR_AUTH0_DOMAIN/.well-known/openid-configuration` **,** and paste the **Client ID** and **Client secret**copied before into the **Client ID** and **Client Secret fields respectively,**and then click on **Connect.** + Give the connection a name, the **Discovery Endpoint** will be `https://YOUR_AUTH0_DOMAIN/.well-known/openid-configuration` **,** and paste the **Client ID** and **Client secret**copied before into the **Client ID** and **Client Secret fields respectively,** and then click on **Connect.** - + Connect OpenID Connect Provider form with fields for name, endpoint, and credentials + Configure the mapping between the roles in Cosmo and the user roles in Auth0. The field **Group in the provider** can be populated with the name of the role or a regex to match the user roles. Once all the mappers are configured, click on **Save**. - - - + + Group mapper configuration dialog linking provider groups to Cosmo roles + Copy the sign-in and sign-out redirect URIs displayed in the dialog. - + Steps to configure OIDC provider with sign-in and sign-out redirect URLs Navigate back to the settings tab of the application created on Auth0 and populate the **Allowed Callback URLs** and **Allowed Logout URLs** redirect URIs with the above-copied sign-in and sign-out URLs respectively. Click on **Save Changes**. - + Application URI settings for callback and logout URLs in Cosmo Docs + Now navigate to **Actions** -> **Library,** and then click on **the Build Custom**button**.** - + Cosmo Docs library page showing no installed actions or configurations + @@ -97,7 +135,11 @@ exports.onExecutePostLogin = async (event, api) => { Navigate to the **Custom** tab on the right side of the page. Now drag the action and place it between Start and Complete as shown below, and then click on **Apply**. - + Login flow customization showing Start, test, and Complete actions diff --git a/docs/studio/sso/keycloak.mdx b/docs/studio/sso/keycloak.mdx index 3b970d01..c8a9c90b 100644 --- a/docs/studio/sso/keycloak.mdx +++ b/docs/studio/sso/keycloak.mdx @@ -16,30 +16,46 @@ icon: "key" Select OpenID Connect as the **Client Type, and** give the client a **Client ID**and a **Name**and then click on **Next.** - - - + + Create client form for OpenID Connect with general, capability, and login settings + Enable **Client authentication,** then click on **Next** and then click on **Save**on the next page**.** - - - + + Create client page in Cosmo Docs with client authentication on and authorization off + Navigate to the **Credentials** tab and then copy the **Client Secret.** - - - + + Client Authenticator settings showing client ID, secret, and regenerate option + Navigate to the **Realm Settings** and then copy the link of **OpenID Endpoint Configuration.** - - - + + OpenID and SAML metadata settings with user-managed access turned off + @@ -48,52 +64,83 @@ icon: "key" Click on **Connect.** - - - + + Organization settings showing name, slug, and status of AI, RBAC, and SCIM features + + - Give the connection a name, paste the **OpenID Endpoint Configuration** copied before, into the **Discovery Endpoint,**and paste the **Client ID** and **Client secret**copied before into the **Client ID** and **Client Secret fields respectively,**and then click on **Connect.** + Give the connection a name, paste the **OpenID Endpoint Configuration** copied before, into the **Discovery Endpoint,**and paste the **Client ID** and **Client secret**copied before into the **Client ID** and **Client Secret fields respectively,** and then click on **Connect.** + + + Connect OpenID Connect Provider form with fields for name, endpoint, and credentials + - - - Configure the mapping between the roles in Cosmo and the user groups in Keycloak. The field **Group in the provider** can be populated with the name of the group or a regex to match the user groups. Once all the mappers are configured, click on **Save**. - + - + Group mapper configuration dialog linking provider groups to Cosmo roles Copy the sign-in and sign-out redirect URIs displayed in the dialog. - - - + + Steps to configure OIDC provider with sign-in and sign-out redirect URLs + Navigate back to the client created on Keycloak and populate the **Valid redirect URIs** and **Valid post Logout redirect URIs** with the above-copied sign-in and sign-out URLs respectively. Click on **Save**. - - - + + Access settings showing valid redirect and logout URLs fields + + Navigate to the **Client Scopes** tab, click on the first client scope(usually would be \$\{**clientID}-dedicated**), and then click on **Configure a new mapper.** - - - + + Client scope page showing dedicated mappers section with no mappers added + Select **Group Membership.** - - - + + Configure new mapper dialog with Group Membership option for token mapping + Give the mapper a name, then populate the **Token Claim Name** with **"**ssoGroups**"** and then click on **Save.** diff --git a/docs/studio/sso/microsoft-entra.mdx b/docs/studio/sso/microsoft-entra.mdx index 601fd63a..aa5ce17d 100644 --- a/docs/studio/sso/microsoft-entra.mdx +++ b/docs/studio/sso/microsoft-entra.mdx @@ -10,7 +10,11 @@ icon: "microsoft" Log in to Microsoft Entra and navigate to the **Identity/Applications/Enterprise applications** view within Microsoft Entra. - + Microsoft Entra admin center with Enterprise Applications and New Application button @@ -20,7 +24,11 @@ Click on **New application.** Once navigated to a new page, click on **Create your own application**. - + Microsoft Entra admin center showing Create Your Own Application option @@ -36,59 +44,93 @@ Now navigate to **Identity/Applications/App registrations.** In the **All applications tab,** select the application which we created. - + Microsoft Entra admin center listing registered apps “test” and “test2” Copy the Application(Client) ID, then click on **Endpoints** and then copy the **OpenID Connect metadata document**(Discovery Endpoint). - + Endpoints section in Microsoft Entra highlighting OpenID Connect metadata document Navigate to **Certificates and Secrets.** -Click on **New client secret,**give it a description and select the expiry according to your needs and then click on **Add**. +Click on **New client secret,** give it a description and select the expiry according to your needs and then click on **Add**. Copy the **value(client secret)** and store it, as it won't be shown again. - + Microsoft Entra Certificates & secrets showing new client secret created on March 14, 2024 Navigate to the settings page on Cosmo. - + Organization settings showing name, slug, and status of AI, RBAC, and SCIM features + - Give the connection a name, paste the **OpenID Connect metadata document** copied before, into the **Discovery Endpoint,**paste the **Client ID** and **Client secret**copied before into the **Client ID** and **Client Secret fields respectively,**and then click on **Connect.** + Give the connection a name, paste the **OpenID Connect metadata document** copied before, into the **Discovery Endpoint,** paste the **Client ID** and **Client secret** copied before into the **Client ID** and **Client Secret fields respectively,** and then click on **Connect.** + - + Connecting OpenID Connect provider for specific organization in Cosmo Docs Configure the mapping between the roles in Cosmo and the groups in Microsoft Entra. The field **Group in the provider** should be populated with the **Object ID of a group from Entra.** Once all the mappers are configured, click on **Save**. Every member in those groups would get the respective role configured. - + Group mapper configuration showing Cosmo role and provider group fields
- + Microsoft Entra admin center showing two groups with object IDs listed Copy the sign-in and sign-out redirect URIs displayed in the dialog. - + Steps to configure OIDC provider with sign-in and sign-out redirect URLs @@ -96,39 +138,55 @@ Copy the sign-in and sign-out redirect URIs displayed in the dialog. Navigate back to the **App registrations** page, in the **All applications** tab select the app which we created. - Click on **Add a redirect URI, and** now click on **Add a platform,**select **Web**and then paste the Sign-in and Sign-out redirect URIs in the **Redirect URIs** and **Front-channel logout URL**respectively**.** + Click on **Add a redirect URI, and** now click on **Add a platform,** select **Web** and then paste the Sign-in and Sign-out redirect URIs in the **Redirect URIs** and **Front-channel logout URL **respectively**.** - + Azure AD registration page highlighting Add Redirect URI button - Select **ID tokens**and then click on **Configure.** + Select **ID tokens** and then click on **Configure.** - Now navigate to **Token configuration, and**click on **Add groups claim.** + Now navigate to **Token configuration**, and click on **Add groups claim.** -Select **Security groups,**expand **ID,**select **Group ID**and click on **Add.** +Select **Security groups,** expand **ID,** select **Group ID** and click on **Add.** - + Microsoft Entra Token configuration showing Security groups claim with Group ID option -Navigate to **API Permissions, and** click on **Add a permission.** +Navigate to **API Permissions**, and click on **Add a permission.** - + Microsoft Entra API permissions section for adding Microsoft Graph API access - Click on **Microsoft Graph,** and then on **Delegated permissions,**select **email, openid and profile**and then click on **Add permissions.** + Click on **Microsoft Graph,** and then on **Delegated permissions,** select **email, openid and profile** and then click on **Add permissions.** Now you can assign users/groups to the application, and only those users will be able to log into Cosmo using the URL provided on setting up the provider. - + Microsoft Entra Users and groups section showing Add user/group button @@ -136,20 +194,28 @@ Now you can assign users/groups to the application, and only those users will be Please make sure that the users added to the application have an email. -Steps to add a user:- +Steps to add a user: Navigate to Users/All users, click on New User and then click on Create a new user. - + Microsoft Entra Users section highlighting Create new user option Provide the user principal name, the display name and then click on **Next**. - + Create new user dialog in Microsoft Entra with principal name and display fields @@ -159,7 +225,11 @@ Provide the first name(optional) and the last name(optional). Provide the email of the user(**Required**). - + Microsoft Entra Identity section for new user creation with name and email fields diff --git a/docs/studio/sso/okta.mdx b/docs/studio/sso/okta.mdx index 897fdbbe..11ec6779 100644 --- a/docs/studio/sso/okta.mdx +++ b/docs/studio/sso/okta.mdx @@ -21,14 +21,23 @@ icon: "user-shield" For the application type, select **Web Application** and click on **Next**. - + Create new app integration page for selecting sign-in method and application type Now give the app a name. - + Web app integration settings showing App integration name field set to My Web App + /> @@ -38,22 +47,35 @@ icon: "user-shield" Scroll down to the **Assignments** section and select one of the options based on your choice and then click on **Save.** - + Cosmo Docs access assignment dialog with options for group or org-wide access + /> Copy the **Client ID** and **Client Secret.** - + Client Credentials section editing client ID for OAuth flows Navigate to **Security** -> **API**. - - - + + Client Credentials section editing client ID and authentication settings + Select the **default** authorization server. @@ -62,59 +84,94 @@ icon: "user-shield" Copy the **Metadata URI.** - + Default authorization server settings highlighting metadata URI in Cosmo Docs Navigate to the settings page on Cosmo. - - - + + Organization settings showing name, slug, and status of AI, RBAC, and SCIM features + + - Give the connection a name, paste the **Metadata URI** copied before, into the **Discovery Endpoint,**and paste the **Client ID** and **Client secret**copied before into the **Client ID** and **Client Secret fields respectively,**and then click on **Connect.** + Give the connection a name, paste the **Metadata URI** copied before, into the **Discovery Endpoint,**and paste the **Client ID** and **Client secret** copied before into the **Client ID** and **Client Secret fields respectively,**and then click on **Connect.** + + + Connect OpenID Connect Provider form with fields for name, endpoint, and credentials + - - - Configure the mapping between the roles in Cosmo and the user groups in Okta. The field **Group in the provider** can be populated with the name of the group or a regex to match the user groups. Once all the mappers are configured, click on **Save**. - + Group mapper configuration dialog linking provider groups to Cosmo roles Copy the sign-in and sign-out redirect URIs displayed in the dialog. - - - + + Steps to configure OIDC provider with sign-in and sign-out redirect URLs + Navigate back to the application created on Okta and populate the Sign-in and Sign-out redirect URIs with the above-copied values. Click on **Save**. - - - + + Login configuration specifying sign-in and sign-out redirect URIs and login initiator + Navigate to Security-> API, and click on the **default** auth server. Navigate to the **claims** tab and then click on **Add Claim.** - - - + + Access Policies section showing claims list and Token Preview button + + Name the claim "ssoGroups", and include it in the **ID Token,** for the value type select **Groups,** and for the filter select **Matches regex** and populate the field with **".\*".**Click on **Create.** - - - + + Add Claim dialog for ssoGroups with filters, scopes, and create button + Now you can assign users/groups to the application, and those users will be able to log into Cosmo using the URL provided on setting up the provider. diff --git a/docs/tutorial/pr-based-workflow-for-federation.mdx b/docs/tutorial/pr-based-workflow-for-federation.mdx index b114f6d3..39795b83 100644 --- a/docs/tutorial/pr-based-workflow-for-federation.mdx +++ b/docs/tutorial/pr-based-workflow-for-federation.mdx @@ -48,7 +48,7 @@ jobs: By installing the [Cosmo GitHub App](https://github.com/apps/wundergraph-cosmo) onto your repositories, we can apply status checks to commits in your pull request. - Cosmo GitHub App Integration + GitHub pull request checks with Cosmo subgraph results: hobbies failing (2 breaking changes), employees and family passing; merge possible. The check fails if composition errors or breaking changes are detected. In the case of only breaking changes, you can override the status of the check in the Studio. diff --git a/docs/tutorial/using-apollo-router-gateway-with-cosmo-oss-schema-registry.mdx b/docs/tutorial/using-apollo-router-gateway-with-cosmo-oss-schema-registry.mdx index 06596e0d..54929195 100644 --- a/docs/tutorial/using-apollo-router-gateway-with-cosmo-oss-schema-registry.mdx +++ b/docs/tutorial/using-apollo-router-gateway-with-cosmo-oss-schema-registry.mdx @@ -8,8 +8,8 @@ icon: route The first step to migrate from Apollo GraphOS is to move the graphs from GraphOS to WunderGraph Cosmo. Once this is done, migration from the Apollo Router/Gateway to the Cosmo router can be done gradually using the Apollo compatibility mode. - - + + Diagram showing Cosmo Schema Registry and WGC CLI generating an Apollo-compatible supergraph for the Apollo Router/Gateway, updated via webhook on schema change. As the router/gateway can be migrated gradually, this method becomes the fastest way to initially migrate from Apollo to WunderGraph Cosmo. diff --git a/docs/tutorial/using-persisted-operations.mdx b/docs/tutorial/using-persisted-operations.mdx index ebeadfbd..258c1e85 100644 --- a/docs/tutorial/using-persisted-operations.mdx +++ b/docs/tutorial/using-persisted-operations.mdx @@ -19,7 +19,10 @@ Persisted Operations, also known as Trusted Documents or Persisted Queries, allo Let's start by writing an operation in our playground. The easiest way to open it is to use [Cosmo Studio](https://cosmo.wundergraph.com). Navigate to your federated graph's `Playground` by clicking its link in the sidebar. - + Feature Flags section showing Playground option in WunderGraph docs Now type and execute the following operation: