Skip to main content
Sourcebot supports a wide range of different authentication providers through it’s integration with Auth.js. This page highlights how to configure the various supported providers. If theres an authentication provider you’d like us to support, please reach out.

Core Authentication Providers

Email / Password

Email / password authentication is enabled by default. It can be disabled by setting AUTH_CREDENTIALS_LOGIN_ENABLED to false.

Email codes

Email codes are 6 digit codes sent to a provided email. Email codes are enabled when transactional emails are configured using the following environment variables:
  • AUTH_EMAIL_CODE_LOGIN_ENABLED
  • SMTP_CONNECTION_URL
  • EMAIL_FROM_ADDRESS
See transactional emails for more details.

Enterprise Authentication Providers

The following authentication providers require an enterprise license to be enabled.

GitHub

Auth.js GitHub Provider Docs Required environment variables:
  • AUTH_EE_GITHUB_CLIENT_ID
  • AUTH_EE_GITHUB_CLIENT_SECRET
Optional environment variables:
  • AUTH_EE_GITHUB_BASE_URL - Base URL for GitHub Enterprise (defaults to https://github.com)

GitLab

Auth.js GitLab Provider Docs Required environment variables:
  • AUTH_EE_GITLAB_CLIENT_ID
  • AUTH_EE_GITLAB_CLIENT_SECRET
Optional environment variables:

Google

Auth.js Google Provider Docs Required environment variables:
  • AUTH_EE_GOOGLE_CLIENT_ID
  • AUTH_EE_GOOGLE_CLIENT_SECRET

GCP IAP

If you’re running Sourcebot in an environment that blocks egress, make sure you allow the IAP IP ranges
Custom provider built to enable automatic Sourcebot account registration/login when using GCP IAP. Required environment variables
  • AUTH_EE_GCP_IAP_ENABLED
  • AUTH_EE_GCP_IAP_AUDIENCE
    • This can be found by selecting the ⋮ icon next to the IAP-enabled backend service and pressing Get JWT audience code

Okta

Auth.js Okta Provider Docs Required environment variables:
  • AUTH_EE_OKTA_CLIENT_ID
  • AUTH_EE_OKTA_CLIENT_SECRET
  • AUTH_EE_OKTA_ISSUER

Keycloak

Auth.js Keycloak Provider Docs Required environment variables:
  • AUTH_EE_KEYCLOAK_CLIENT_ID
  • AUTH_EE_KEYCLOAK_CLIENT_SECRET
  • AUTH_EE_KEYCLOAK_ISSUER

Microsoft Entra ID

Auth.js Microsoft Entra ID Provider Docs Required environment variables:
  • AUTH_EE_MICROSOFT_ENTRA_ID_CLIENT_ID
  • AUTH_EE_MICROSOFT_ENTRA_ID_CLIENT_SECRET
  • AUTH_EE_MICROSOFT_ENTRA_ID_ISSUER
I