docs: add notes for OVERRIDE_IDENTITY_PROVIDERS usage

intershop · Aug 12, 2024 · 4510f8b · 4510f8b
1 parent b05ea29
commit 4510f8b
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 9 deletions.
diff --git a/docs/guides/authentication_co_browse.md b/docs/guides/authentication_co_browse.md
@@ -39,7 +39,7 @@ identityProviders: {
 > As mentioned above, this configuration example is only relevant for development purposes.
 
 For production-like deployments, the PWA has to be be configured to use the `Co-Browse` identity provider only when the user enters the `cobrowse` route.
-This can be configured with the `OVERRIDE_IDENTITY_PROVIDERS` environment variable (see [Override Identity Providers by Path][nginx-startup]) for the NGINX container.
+This can be configured with the `OVERRIDE_IDENTITY_PROVIDERS` environment variable (see [Override Identity Providers by Path](../guides/nginx-startup.md#override-identity-providers-by-path)) for the NGINX container.
 Nevertheless, the SSR process needs to be provided with the co-browse identity provider configuration as one of the available identity providers.
 In this way, the global `identityProvider` configuration is left to be the default ICM configuration.
 
@@ -139,6 +139,3 @@ Hence, the token will not expire as long as the user keeps the PWA open in the b
 
 When the user logs out by clicking the logout link or navigating to the `/logout` route, the configured [`logout()`](../../src/app/core/identity-provider/co-browse.identity-provider.ts) function will be executed, which will call the [`revokeApiToken()`](../../src/app/core/services/user/user.service.ts) user service in order to deactivate the token on server side.
 Besides this, the PWA removes the token, the apiToken cookie and basket-id on browser side.
-
-[ssr-startup]: ../guides/ssr-startup.md
-[nginx-startup]: ../guides/nginx-startup.md
diff --git a/docs/guides/authentication_punchout.md b/docs/guides/authentication_punchout.md
@@ -32,7 +32,7 @@ identityProviders: {
 > As mentioned above, this configuration example is only relevant for punchout development purposes.
 
 For production-like deployments, the PWA has to be configured to use the `Punchout` identity provider only when the user enters the `punchout` route.
-This can be configured with the `OVERRIDE_IDENTITY_PROVIDERS` environment variable (see [Override Identity Providers by Path][nginx-startup]) for the NGINX container.
+This can be configured with the `OVERRIDE_IDENTITY_PROVIDERS` environment variable (see [Override Identity Providers by Path](../guides/nginx-startup.md#override-identity-providers-by-path)) for the NGINX container.
 Nevertheless, the SSR process needs to be provided with the punchout identity provider configuration as one of the available identity providers.
 In this way, the global `identityProvider` configuration is left to be the default ICM configuration.
 
@@ -136,6 +136,3 @@ Hence, the token will not expire as long as the user keeps the PWA open in the b
 
 When the user logs out by clicking the logout link or navigating to the `/logout` route, the configured [`logout()`](../../src/app/extensions/punchout/identity-provider/punchout-identity-provider.ts) function will be executed, which will call the [`revokeApiToken()`](../../src/app/core/services/user/user.service.ts) user service in order to deactivate the token on server side.
 Besides this, the PWA removes the token and basket-id on browser side, fetches a new anonymous user token, and sets it as `apiToken` cookie.
-
-[ssr-startup]: ../guides/ssr-startup.md
-[nginx-startup]: ../guides/nginx-startup.md
diff --git a/docs/guides/nginx-startup.md b/docs/guides/nginx-startup.md
@@ -151,7 +151,7 @@ The PWA can be configured with multiple identity providers.
 In some use cases a specific identity provider must be selected when a certain route is requested.
 For example, a punchout user should be logged in by the punchout identity provider requesting a punchout route.
 For all other possible routes the default identity provider must be selected.
-This can be done by setting only the environment variable `OVERRIDE_IDENTITY_PROVIDER`.
+This can be done by setting the environment variable `OVERRIDE_IDENTITY_PROVIDER`.
 
 ```yaml
 nginx:
@@ -167,6 +167,12 @@ Alternatively, the source can be supplied by setting `OVERRIDE_IDENTITY_PROVIDER
 
 If no environment variable is set, this feature is disabled.
 
+> [!NOTE]
+> The alternative identity providers need to be configured for the SSR container via `IDENTITY_PROVIDERS` to be used in the NGINX `OVERRIDE_IDENTITY_PROVIDER` configuration.
+
+> [!IMPORTANT]
+> Overriding identity providers by path via NGINX configuration will only work with enabled SSR. SSR is enabled by default and must not be disabled via `SSR: 0`.
+
 ### Add Additional Headers
 
 > [!IMPORTANT]