PLEASE NOTE: In your proposal, please briefly explain how you will approach this project, rather than simply saying "I can do it for 'x' amount."
This project requires virtually no coding, but needs understanding of JavaScript/NodeJS, OAuth and OpenID Connect as they relate to login with external providers on Directus CMS.
You will need a SQL database (preferably Microsoft SQL Server, but MySQL is fine).
You must also be able to write clearly, unambiguously and concisely in English.
INTRODUCTION
Directus is a headless CMS that can be used to build REST APIs over SQL-based databases.
Out of the box, the Directus admin app has username/password authentication, but this can be extended to enable external authentication providers such as Microsoft, Google or Auth0.
For this, Directus allows authentication using two 'drivers': "openid" and "oauth2". We have already got a working mechanism for "openid" and for us it is not suitable.
We need help getting a working configuration for "oauth2".
OBJECTIVE
Find and document the correct, working configuration for the "oauth2" driver (NOT "openid") in Directus, and document in detail all the configuration steps in other platforms (such as Azure, Auth0, Google etc).
Very important: This documentation should be easy for non-technical persons to follow, so that they can manage their own instances of Directus and roll out other external authentication providers.
OUTPUTS
There are two mandatory outputs: a) demonstration and b) documentation.
A: Demonstration
You will need to be able to configure and demonstrate authentication on the Directus admin app with 2 external providers configured in Directus with the "oauth2" driver:
a) Microsoft (simple outlook.com or hotmail.com accounts)
b) Auth0 - from which you should be able to demonstrate authentication to Google. (Do NOT authenticate to Google directly - it must be via Auth0.)
The authentication must be demonstrated in two modes:
1. You must be able to demonstrate that a user invited or added in Directus (by an admin for example) can immediately log in with both mechanisms (Microsoft and Auth0). They should have their user details (as obtained from the access_token) updated in the database.
2. You must be able to demonstrate that a user can self-register with both of the mechanisms (Microsoft and Auth0) and have a user record created in the database (again, from details in tokens), and can subsequently log off and log on multiple times.
The new users should not be in the administrator role or equivalent, and should either be in no role or in a custom low-privilege role.
B: Documentation
Production of detailed Word document(s) with clear descriptions, logical steps and reasoning. I expect screenshots of Directus, Auth0 as well as Azure or Google application setup where necessary. It must also include code snippets (e.g. complete configuration sections). You can, of course, mask out your application id and secrets.