IdP is a built-in identity provider service for managing user authentication on the Tailor Platform.

Overview

The Built-in IdP provides:
  • User registration and authentication
  • OAuth client management
  • Integration with Auth service
For the official Tailor Platform documentation, see Identity Provider Setup.

Configuration

Definition Rules:
  • Multiple IdPs allowed: You can define multiple IdP instances in your config file
  • Configuration location: Define in tailor.config.ts and add to the idp array
  • Uniqueness: IdP names must be unique across all IdP instances

Configure the Built-in IdP using defineIdp():
import { defineIdp, defineConfig } from "@tailor-platform/sdk";

const idp = defineIdp("my-idp", {
  authorization: "loggedIn",
  clients: ["my-client"],
});

// You can define multiple IdPs
const anotherIdp = defineIdp("another-idp", {
  authorization: "loggedIn",
  clients: ["another-client"],
});

export default defineConfig({
  idp: [idp, anotherIdp], // Add all IdPs to the array
});

Options

authorization

User management permissions. Controls who can manage users in the IdP.
defineIdp("my-idp", {
  authorization: "loggedIn", // Only logged-in users can manage
});
authorization (string, required)
Values:
  • "insecure" - No authentication required (use only for development)
  • "loggedIn" - Requires authenticated user
  • CEL expression - Custom authorization logic

clients

OAuth client names that can use this IdP:
defineIdp("my-idp", {
  clients: ["default-client", "mobile-client"],
});
clients (string[], required): Array of OAuth client names that are allowed to use this IdP

Using idp.provider()

The idp.provider() method creates a type-safe reference to the IdP for use in Auth configuration. The client name is validated at compile time against the clients defined in the IdP.
example/tailor.config.ts
import { defineIdp, defineAuth, defineConfig } from "@tailor-platform/sdk";
import { user } from "./tailordb/user";

const idp = defineIdp("my-idp", {
  authorization: "loggedIn",
  clients: ["default-idp-client"],
});

const auth = defineAuth("my-auth", {
  userProfile: {
    type: user,
    usernameField: "email",
    attributes: { role: true },
  },
  // Type-safe: only "default-idp-client" is allowed
  idProvider: idp.provider("sample", "default-idp-client"),
});

export default defineConfig({
  idp: [idp],
  auth,
});
Parameters:
  • providerName (string, required): Name for the provider reference
  • clientName (string, required): Must be one of the clients defined in the IdP’s clients array
The second argument only accepts client names that were defined in the clients array of the IdP configuration.

Password Policy

Configure password requirements for user authentication:
example/tailor.config.ts
const idp = defineIdp("my-idp", {
  authorization: "loggedIn",
  clients: ["default-idp-client"],
  userAuthPolicy: {
    useNonEmailIdentifier: false,
    allowSelfPasswordReset: true,
    passwordRequireUppercase: true,
    passwordRequireLowercase: true,
    passwordRequireNonAlphanumeric: true,
    passwordRequireNumeric: true,
    passwordMinLength: 8,
    passwordMaxLength: 128,
  },
});
  • userAuthPolicy.useNonEmailIdentifier (boolean): Whether to use non-email identifiers for usernames
  • userAuthPolicy.allowSelfPasswordReset (boolean): Whether users can reset their own passwords
  • userAuthPolicy.passwordRequireUppercase (boolean): Require at least one uppercase letter in passwords
  • userAuthPolicy.passwordRequireLowercase (boolean): Require at least one lowercase letter in passwords
  • userAuthPolicy.passwordRequireNonAlphanumeric (boolean): Require at least one special character in passwords
  • userAuthPolicy.passwordRequireNumeric (boolean): Require at least one number in passwords
  • userAuthPolicy.passwordMinLength (number): Minimum password length
  • userAuthPolicy.passwordMaxLength (number): Maximum password length
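
A pre-deployment review check over the options described on this page, as an added example (not Tailor Platform SDK code). It works on plain objects that mirror the defineIdp() options; the IdpEntry shape, the auditIdps function, and the baseline numbers are assumptions chosen for illustration.

```typescript
// Added example. Option names are from this page; the baseline numbers and
// finding texts are assumptions for illustration, not platform behaviour.
type UserAuthPolicy = {
  passwordRequireUppercase?: boolean;
  passwordRequireLowercase?: boolean;
  passwordRequireNonAlphanumeric?: boolean;
  passwordRequireNumeric?: boolean;
  passwordMinLength?: number;
  passwordMaxLength?: number;
};
type IdpEntry = {
  name: string;
  authorization: string;
  clients: string[];
  userAuthPolicy?: UserAuthPolicy;
};

// Hypothetical review baseline (team policy), not a Tailor Platform default.
const BASELINE = { minLength: 8, maxLengthFloor: 64 };

function auditIdps(idps: IdpEntry[], production: boolean): string[] {
  const findings: string[] = [];
  const seen = new Set<string>();
  for (const idp of idps) {
    const flag = (msg: string) => findings.push(`${idp.name}: ${msg}`);
    // IdP names must be unique across all instances.
    if (seen.has(idp.name)) flag("duplicate IdP name");
    seen.add(idp.name);
    // "insecure" disables authentication for user management: development only.
    if (production && idp.authorization === "insecure") flag('authorization is "insecure"');
    if (idp.clients.length === 0) flag("no OAuth clients listed");
    const p = idp.userAuthPolicy;
    if (p === undefined) { flag("userAuthPolicy not set explicitly"); continue; }
    const min = p.passwordMinLength;
    const max = p.passwordMaxLength;
    if (min === undefined || min < BASELINE.minLength) flag("passwordMinLength below baseline");
    if (max !== undefined && max < BASELINE.maxLengthFloor) flag("passwordMaxLength blocks long passphrases");
    if (min !== undefined && max !== undefined && min > max) flag("passwordMinLength exceeds passwordMaxLength");
  }
  return findings;
}

// Constructed sample input: one weak definition beside a corrected one.
const weak: IdpEntry = { name: "dev-idp", authorization: "insecure", clients: ["dev-client"],
  userAuthPolicy: { passwordMinLength: 6, passwordMaxLength: 12 } };
const hardened: IdpEntry = { name: "my-idp", authorization: "loggedIn", clients: ["default-idp-client"],
  userAuthPolicy: { passwordMinLength: 8, passwordMaxLength: 128, passwordRequireNumeric: true } };
const report = auditIdps([weak, hardened], true);
```

CEL expressions in authorization pass through unflagged; review those by hand.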