docs/pages/che-7/administration-guide/proc_enabling-authentication-with-social-accounts-and-brokering.adoc - gerrit/www.eclipse.org/che - Git at Google

 // configuring-authorization

 [id="enabling-authentication-with-social-accounts-and-brokering_{context}"]
 = Enabling authentication with social accounts and brokering

 {identity-provider} provides built-in support for GitHub, OpenShift, and most common social networks such as Facebook and Twitter.
 ifeval::["{project-context}" == "che"]
 See Instructions to link:{identity-provider-docs-url}{identity-provider-version}/server_admin/#github[enable Login with GitHub].
 endif::[]

 ifeval::["{project-context}" != "che"]
 See Instructions to link:{identity-provider-docs-url}{identity-provider-version}/html-single/server_administration_guide/index#github[enable Login with GitHub].
 endif::[]


 You can also enable the SSH key and upload it to the {prod-short} users’ GitHub accounts.

 To enable this feature when you register a GitHub identity provider:

 . Set scope to `repo,user,write:public_key`.

 . Set store tokens and stored tokens readable to *ON*.
 +
 image::git/kc_provider.png[link="{imagesdir}/git/kc_provider.png"]

 . Add a default read-token role.
 +
 image::git/kc_roles.png[link="{imagesdir}/git/kc_roles.png"]

 This is the default `delegated` OAuth service mode for multiuser {prod-short}. You can configure the OAuth service mode with the property `che.oauth.service_mode`.

 // TODO: To use {prod-short}'s OAuth Authenticator, set `che.oauth.service_mode` to `embedded` and use link:{site-baseurl}che-7/version-control/[Instructions for single-user mode].

 // TODO: See link:ide_projects.html#importing-projects-in-the-ide[SSH key management] for more information.
	// configuring-authorization

	[id="enabling-authentication-with-social-accounts-and-brokering_{context}"]
	= Enabling authentication with social accounts and brokering

	{identity-provider} provides built-in support for GitHub, OpenShift, and most common social networks such as Facebook and Twitter.
	ifeval::["{project-context}" == "che"]
	See Instructions to link:{identity-provider-docs-url}{identity-provider-version}/server_admin/#github[enable Login with GitHub].
	endif::[]

	ifeval::["{project-context}" != "che"]
	See Instructions to link:{identity-provider-docs-url}{identity-provider-version}/html-single/server_administration_guide/index#github[enable Login with GitHub].
	endif::[]


	You can also enable the SSH key and upload it to the {prod-short} users’ GitHub accounts.

	To enable this feature when you register a GitHub identity provider:

	. Set scope to `repo,user,write:public_key`.

	. Set store tokens and stored tokens readable to ON.
	+
	image::git/kc_provider.png[link="{imagesdir}/git/kc_provider.png"]

	. Add a default read-token role.
	+
	image::git/kc_roles.png[link="{imagesdir}/git/kc_roles.png"]

	This is the default `delegated` OAuth service mode for multiuser {prod-short}. You can configure the OAuth service mode with the property `che.oauth.service_mode`.

	// TODO: To use {prod-short}'s OAuth Authenticator, set `che.oauth.service_mode` to `embedded` and use link:{site-baseurl}che-7/version-control/[Instructions for single-user mode].

	// TODO: See link:ide_projects.html#importing-projects-in-the-ide[SSH key management] for more information.