From 0bf8f8118971128cf860b9aa672fcfb3abfb6da1 Mon Sep 17 00:00:00 2001 From: Michael Gaffney Date: Sun, 11 Oct 2020 14:19:01 -0400 Subject: [PATCH] Docs: add content to Domain Model - Authentication Methods page (#616) * Docs: add content to Domain Model - Authentication Methods page * Docs: order references alphabetically --- .../concepts/domain-model/auth-methods.mdx | 60 +++++++++++-------- 1 file changed, 36 insertions(+), 24 deletions(-) diff --git a/website/content/docs/concepts/domain-model/auth-methods.mdx b/website/content/docs/concepts/domain-model/auth-methods.mdx index fb9385d99a..e20947ead9 100644 --- a/website/content/docs/concepts/domain-model/auth-methods.mdx +++ b/website/content/docs/concepts/domain-model/auth-methods.mdx @@ -8,27 +8,39 @@ description: |- # Authentication Methods -An authentication method is a method configured for an Organization to authenticate Users. -The configuration of an Authentication Method may contain secrets. -Zero or one Authentication Method can be configured to create Users. -Creation of Groups may be added later. -An Authentication Method is owned by one and only one Organization. -An Authentication Method creates and references zero or more Users. -An Authentication Method is deleted when the Organization it belongs to is deleted. -The lifecycle of an Authentication Method is not tied to the lifecycle of any User. - -```shell-session -+---------------------------------------------+ -| Organization | -+---------------------------------------------+ -| Auth OIDC 1 | Auth OIDC 2 | Auth Userpass 1 | -+---------------------------------------------+ -``` - -# Attributes - -### ID - -An authentication method ID has a `am_` prefix followed by ten digits. - -Example: `am_0123456789` +An authentication method is a resource +that provides a mechanism +for [users][] to authenticate to Boundary. +An authentication method contains [accounts][] +which link an individual user to a set of credentials. +Authentication methods can be defined at either a [Global][] or [Organization][] [scope][]. + +## Attributes + +All authentication methods have the following configurable attributes: + +- `name` - (optional) + If set, the `name` must be unique within the authentication method's scope. + +- `description` - (optional) + +### Password Authentication Method Attributes + +The password authentication method has the following additional attributes: + +- `min_login_name_length` - (required) The default is 3. + +- `min_password_length` - (required) The default is 8. + +## Referenced By + +- [Account][] +- [Global][] +- [Organization][] + +[account]: /docs/concepts/domain-model/accounts +[accounts]: /docs/concepts/domain-model/accounts +[global]: /docs/concepts/domain-model/scopes#global +[organization]: /docs/concepts/domain-model/scopes#organizations +[scope]: /docs/concepts/domain-model/scopes +[users]: /docs/concepts/domain-model/users