Skip to main content

Authentication overview

NetFoundry Frontdoor includes OAuth integration for Custom Frontends, allowing you to authenticate users through various OAuth providers before they can access your shared resources. You can configure multiple OAuth providers and restrict access based on email address patterns.

Planning for OAuth authentication

OAuth authentication in NetFoundry Frontdoor is configured at the Custom Frontend level and applied to individual Shares. Each Custom Frontend can have multiple Auth Providers configured, and each Share can be protected with a specific Auth Provider.

The OAuth authentication flow uses the Custom Frontend's domain to handle redirects from OAuth providers. This means you'll need a Custom Frontend with a properly configured domain name that is accessible by your end users.

Managing auth providers

Frontdoor supports CRUD operations for Auth Providers. See the Auth Provider API Guide for details.

Provider-specific setup guides

For detailed setup instructions for each provider type, including how to obtain client credentials and configure redirect URLs, see the provider-specific guides:

When configuring OAuth applications with these providers, use your Custom Frontend's domain for the authorized redirect URLs in the format: https://oauth.your-custom-frontend.com/{auth-provider-name}/auth/callback

Best practices

  • Use descriptive names for Auth Providers that clearly indicate their purpose such as google-employees or github-contractors while implementing specific email patterns to limit access to authorized users.
  • Rotate OAuth client secrets regularly and configure appropriate session lifetimes based on your security requirements.
  • Monitor authentication metrics consistently to detect unusual access patterns and maintain system security.

More info

  • Learn how to create and manage Auth Providers using the Auth Provider API
  • Explore Custom Frontends to understand how Auth Providers integrate with branded domains
  • Review Shares to learn how to protect services with OAuth authentication
  • Set up provider-specific OAuth applications using the Auth Provider Types reference