[IS 7.1/next] Add deployment.toml configuration for custom local authenticator visibility in the Console UI#5915
Conversation
WalkthroughAdds version gating around a deployment.toml snippet in the "Deploy the authenticator" docs: the Changes
Estimated code review effort🎯 2 (Simple) | ⏱️ ~10 minutes Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 inconclusive)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
🧹 Nitpick comments (2)
en/includes/references/extend/authentication/write-a-custom-local-authenticator.md (2)
74-74: Use “sign-in” and address the reader directly.
The sentence uses “login” for a user-facing UI and does not address the reader as “you.” Consider a shorter, active-voice rewrite.✏️ Suggested edit
-4. To ensure the custom local authenticator is properly recognized as a first-factor option in the {{ product_name }} Console's application login flow UI, add the following configuration to the `deployment.toml` file in the `<IS_HOME>/repository/conf` folder. +4. To make the custom local authenticator appear as a first-factor option in the {{ product_name }} Console application sign-in flow, add the following configuration to `deployment.toml` in `<IS_HOME>/repository/conf`.As per coding guidelines: “Use 'sign-in' ... for end-user UI text,” “Address the reader as 'you',” and “Use active voice and present tense.”
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@en/includes/references/extend/authentication/write-a-custom-local-authenticator.md` at line 74, Rewrite the sentence that currently reads "To ensure the custom local authenticator is properly recognized as a first-factor option in the {{ product_name }} Console's application login flow UI, add the following configuration to the `deployment.toml` file in the `<IS_HOME>/repository/conf` folder." to use "sign-in", address the reader as "you", and use active present-tense voice; for example, instruct the reader directly to "Add the following configuration to the `deployment.toml` file in the `<IS_HOME>/repository/conf` folder so your custom local authenticator appears as a first-factor option in the {{ product_name }} Console's application sign-in flow." Ensure you update the sentence containing "application login flow UI" (search for "application login flow UI" or the deployment.toml mention) and keep variable placeholders like {{ product_name }} unchanged.
74-79: Add required configuration details (controls, default, constraints, and when to change).
This block introduces a new setting but does not describe what it controls, the default, constraints, or when users should change it.📌 Minimal addition example
4. To make the custom local authenticator appear as a first-factor option in the {{ product_name }} Console application sign-in flow, add the following configuration to `deployment.toml` in `<IS_HOME>/repository/conf`. + + - Controls: which custom local authenticators appear as first-factor options in the Console sign-in flow. + - Default: empty list. + - Constraints: array of authenticator names returned by `getName()`. + - Change this when: the authenticator does not appear in the Console sign-in flow after deployment. ``` toml [console.ui] login_flow_custom_first_factor_authenticators = [ "SampleLocalAuthenticator" ] ```As per coding guidelines: “When documenting configuration, describe what the setting controls, state the default value, state constraints... and explain when the user should change it.”
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@en/includes/references/extend/authentication/write-a-custom-local-authenticator.md` around lines 74 - 79, Add a short explanation for the login_flow_custom_first_factor_authenticators setting: state that it controls which custom local authenticators are exposed as first-factor options in the {{ product_name }} Console login flow UI, note the default is an empty list (no custom first-factor authenticators), specify constraints that the value must be a TOML array of authenticator IDs/names as strings that exactly match the registered authenticator class/ID (e.g., "SampleLocalAuthenticator"), and indicate when to change it (add entries when you implement and want a custom local authenticator to appear as a first-factor option; remove when you no longer want it shown).
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In
`@en/includes/references/extend/authentication/write-a-custom-local-authenticator.md`:
- Line 74: Rewrite the sentence that currently reads "To ensure the custom local
authenticator is properly recognized as a first-factor option in the {{
product_name }} Console's application login flow UI, add the following
configuration to the `deployment.toml` file in the `<IS_HOME>/repository/conf`
folder." to use "sign-in", address the reader as "you", and use active
present-tense voice; for example, instruct the reader directly to "Add the
following configuration to the `deployment.toml` file in the
`<IS_HOME>/repository/conf` folder so your custom local authenticator appears as
a first-factor option in the {{ product_name }} Console's application sign-in
flow." Ensure you update the sentence containing "application login flow UI"
(search for "application login flow UI" or the deployment.toml mention) and keep
variable placeholders like {{ product_name }} unchanged.
- Around line 74-79: Add a short explanation for the
login_flow_custom_first_factor_authenticators setting: state that it controls
which custom local authenticators are exposed as first-factor options in the {{
product_name }} Console login flow UI, note the default is an empty list (no
custom first-factor authenticators), specify constraints that the value must be
a TOML array of authenticator IDs/names as strings that exactly match the
registered authenticator class/ID (e.g., "SampleLocalAuthenticator"), and
indicate when to change it (add entries when you implement and want a custom
local authenticator to appear as a first-factor option; remove when you no
longer want it shown).
There was a problem hiding this comment.
Pull request overview
This pull request adds version-gated documentation (for versions 7.1.0 and next) that explains how to configure a custom local authenticator to be visible as a first-factor authentication option in the WSO2 Identity Server Console UI. The configuration requires adding a new TOML setting to the deployment.toml file.
Changes:
- Added a new step 4 in the "Deploy the authenticator" section with version gating for 7.1.0 and next versions
- Documented the
[console.ui]configuration with thelogin_flow_custom_first_factor_authenticatorsparameter
There was a problem hiding this comment.
🧹 Nitpick comments (1)
en/includes/references/extend/authentication/write-a-custom-local-authenticator.md (1)
74-79: Document default and allowed values forlogin_flow_custom_first_factor_authenticators.Please add the key’s default behavior and value constraints (type and accepted authenticator names) near this snippet. Right now the example is clear, but the setting contract is incomplete. As per coding guidelines, "When documenting configuration, describe what the setting controls, state the default value, state constraints (type, valid range, allowed values), provide a minimal example, and explain when the user should change it".
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@en/includes/references/extend/authentication/write-a-custom-local-authenticator.md` around lines 74 - 79, Add a short explanatory paragraph next to the deployment.toml snippet that documents the login_flow_custom_first_factor_authenticators setting: state that it belongs under [console.ui], controls which custom local authenticators appear as first-factor options in the Console login flow, has a default of unset/empty (no custom first-factor authenticators shown), accepts an array of strings (authenticator names as registered with the server, e.g., "SampleLocalAuthenticator"), and that values must match the authenticator's configured name; include a one-line note advising to add entries only when you have implemented and registered a custom local authenticator.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In
`@en/includes/references/extend/authentication/write-a-custom-local-authenticator.md`:
- Around line 74-79: Add a short explanatory paragraph next to the
deployment.toml snippet that documents the
login_flow_custom_first_factor_authenticators setting: state that it belongs
under [console.ui], controls which custom local authenticators appear as
first-factor options in the Console login flow, has a default of unset/empty (no
custom first-factor authenticators shown), accepts an array of strings
(authenticator names as registered with the server, e.g.,
"SampleLocalAuthenticator"), and that values must match the authenticator's
configured name; include a one-line note advising to add entries only when you
have implemented and registered a custom local authenticator.
…sibility in the Console UI.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
JayaShakthi97
force-pushed
the
custom-authenticator
branch
from
6200396 to
9cb05e1
Compare
Co-authored-by: Himesh Siriwardana <himesh.siriwardana@gmail.com>
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In
`@en/includes/references/extend/authentication/write-a-custom-local-authenticator.md`:
- Around line 74-79: Update the doc block that shows
console.ui.login_flow_custom_first_factor_authenticators to state its accepted
values and default behavior: explain that the setting is an array of strings
(authenticator names returned by each authenticator's getName()), give the
minimal example already shown (e.g., "SampleLocalAuthenticator"), and note the
default (when the key is not set in {{ product_name }} 7.1.0 or `next` the
custom local authenticator remains hidden from the Console first-factor picker).
Also mention the constraint that only names returned by getName() are valid.
ℹ️ Review info
⚙️ Run configuration
Configuration used: Organization UI
Review profile: CHILL
Plan: Pro
Run ID: b51be9ea-bd7c-44c6-a62e-811db8e2e3b8
📒 Files selected for processing (1)
en/includes/references/extend/authentication/write-a-custom-local-authenticator.md
| 4. To ensure the custom local authenticator appears as a first-factor option in the {{ product_name }} Console login flow UI, add the following configuration to the `<IS_HOME>/repository/conf/deployment.toml` file. | ||
|
|
||
| ``` toml | ||
| [console.ui] | ||
| login_flow_custom_first_factor_authenticators = [ "SampleLocalAuthenticator" ] | ||
| ``` |
There was a problem hiding this comment.
Document the setting's accepted values and default behavior.
This new console.ui.login_flow_custom_first_factor_authenticators example explains why to add the key, but it still leaves readers guessing what values the array accepts and what happens when they omit it. A short note that the list must contain authenticator names returned by getName(), and that the authenticator stays hidden from the Console first-factor picker when the key is not set, would make the step self-contained.
✏️ Suggested wording
4. To ensure the custom local authenticator appears as a first-factor option in the {{ product_name }} Console login flow UI, add the following configuration to the `<IS_HOME>/repository/conf/deployment.toml` file.
``` toml
[console.ui]
login_flow_custom_first_factor_authenticators = [ "SampleLocalAuthenticator" ]
```
+
+ This setting accepts a list of authenticator names returned by `getName()`. If you do not set this value in {{ product_name }} 7.1.0 or `next`, the custom local authenticator does not appear as a first-factor option in the Console UI.As per coding guidelines, "When documenting configuration, describe what the setting controls, state the default value, state constraints (type, valid range, allowed values), provide a minimal example, and explain when the user should change it."
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.
In
`@en/includes/references/extend/authentication/write-a-custom-local-authenticator.md`
around lines 74 - 79, Update the doc block that shows
console.ui.login_flow_custom_first_factor_authenticators to state its accepted
values and default behavior: explain that the setting is an array of strings
(authenticator names returned by each authenticator's getName()), give the
minimal example already shown (e.g., "SampleLocalAuthenticator"), and note the
default (when the key is not set in {{ product_name }} 7.1.0 or `next` the
custom local authenticator remains hidden from the Console first-factor picker).
Also mention the constraint that only names returned by getName() are valid.
Purpose
This pull request adds documentation to clarify the proper configuration of a custom local authenticator as a first-factor authentication option in the Console UI for versions 7.1.0 and next.
Related issue
Summary by CodeRabbit