@lobehub/chat 0.135.4 → 0.137.0

package/CHANGELOG.md

@@ -2,6 +2,56 @@
 
 # Changelog
 
+## [Version 0.137.0](https://github.com/lobehub/lobe-chat/compare/v0.136.0...v0.137.0)
+
+<sup>Released on **2024-03-15**</sup>
+
+#### ✨ Features
+
+- **ollama**: Improve connection check method and provide selector for user to control model options.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### What's improved
+
+- **ollama**: Improve connection check method and provide selector for user to control model options, closes [#1397](https://github.com/lobehub/lobe-chat/issues/1397) ([675902f](https://github.com/lobehub/lobe-chat/commit/675902f))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
+## [Version 0.136.0](https://github.com/lobehub/lobe-chat/compare/v0.135.4...v0.136.0)
+
+<sup>Released on **2024-03-15**</sup>
+
+#### ✨ Features
+
+- **misc**: Support azure-ad as a new sso provider.
+
+<br/>
+
+<details>
+<summary><kbd>Improvements and Fixes</kbd></summary>
+
+#### What's improved
+
+- **misc**: Support azure-ad as a new sso provider, closes [#1456](https://github.com/lobehub/lobe-chat/issues/1456) ([6649cd1](https://github.com/lobehub/lobe-chat/commit/6649cd1))
+
+</details>
+
+<div align="right">
+
+[![](https://img.shields.io/badge/-BACK_TO_TOP-151515?style=flat-square)](#readme-top)
+
+</div>
+
 ### [Version 0.135.4](https://github.com/lobehub/lobe-chat/compare/v0.135.3...v0.135.4)
 
 <sup>Released on **2024-03-15**</sup>

package/README.md

@@ -255,14 +255,14 @@ Our marketplace is not just a showcase platform but also a collaborative space.
 
 <!-- AGENT LIST -->
 
-| Recent Submits                                                                                                                                                                            | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
-| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [TikTok Script Writer](https://chat-preview.lobehub.com/market?agent=tiktok-script-writer)<br/><sup>By **[sdhjn19dj1m](https://github.com/sdhjn19dj1m)** on **2024-03-12**</sup>          | This script is tailored for TikTok's short video format, designed to engage and entertain the specified target audience. It incorporates trending elements and best practices for content virality, ensuring the video captures attention from the start. The script is structured to include a captivating opening, concise and impactful message body, and a compelling call-to-action, all while reflecting the user's desired tone and theme.<br/>`tik-tok` `short-video` `viral-content` `trending-hashtag` `engagement` |
-| [Gen Z Engagement Specialist](https://chat-preview.lobehub.com/market?agent=gen-z)<br/><sup>By **[MYSeaIT](https://github.com/MYSeaIT)** on **2024-03-09**</sup>                          | Specializes in engaging Gen Z users with tailored interactions reflecting their preferences and values.<br/>`engagement` `gen-z` `communication` `advice` `interaction`                                                                                                                                                                                                                                                                                                                                                       |
-| [Schedule Management Assistant](https://chat-preview.lobehub.com/market?agent=calendar-manager)<br/><sup>By **[ccdanpian](https://github.com/ccdanpian)** on **2024-03-07**</sup>         | Schedule Management Assistant, calls the time plugin to handle requests for adding, querying, and deleting schedules, supports multiple operations and reminders.<br/>`schedule-management` `time-plugin` `add-schedule` `query-schedule` `delete-schedule`                                                                                                                                                                                                                                                                   |
-| [Business Email Writing Expert](https://chat-preview.lobehub.com/market?agent=business-email)<br/><sup>By **[canisminor1990](https://github.com/canisminor1990)** on **2024-03-06**</sup> | Business email writing expert specializing in bilingual business emails in Chinese and English, cross-cultural communication, and engagement in the GitHub open-source community.<br/>`business-email-writing` `business-cooperation` `business-authorization` `cross-cultural-communication` `git-hub-and-open-source-community`                                                                                                                                                                                             |
-
-> 📊 Total agents: [<kbd>**201**</kbd> ](https://github.com/lobehub/lobe-chat-agents)
+| Recent Submits                                                                                                                                                                               | Description                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |
+| -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| [Amazon Seller Support Agent](https://chat-preview.lobehub.com/market?agent=amazon-seller-support-agent)<br/><sup>By **[etnperlong](https://github.com/etnperlong)** on **2024-03-15**</sup> | AI assistant that assists Amazon sellers in responding to customer service replies, providing detailed and cogent responses towards a satisfactory resolution.<br/>`amazon` `seller` `writing`                                                                                                                                                                                                                                                                                                                                |
+| [TikTok Script Writer](https://chat-preview.lobehub.com/market?agent=tiktok-script-writer)<br/><sup>By **[sdhjn19dj1m](https://github.com/sdhjn19dj1m)** on **2024-03-12**</sup>             | This script is tailored for TikTok's short video format, designed to engage and entertain the specified target audience. It incorporates trending elements and best practices for content virality, ensuring the video captures attention from the start. The script is structured to include a captivating opening, concise and impactful message body, and a compelling call-to-action, all while reflecting the user's desired tone and theme.<br/>`tik-tok` `short-video` `viral-content` `trending-hashtag` `engagement` |
+| [Gen Z Engagement Specialist](https://chat-preview.lobehub.com/market?agent=gen-z)<br/><sup>By **[MYSeaIT](https://github.com/MYSeaIT)** on **2024-03-09**</sup>                             | Specializes in engaging Gen Z users with tailored interactions reflecting their preferences and values.<br/>`engagement` `gen-z` `communication` `advice` `interaction`                                                                                                                                                                                                                                                                                                                                                       |
+| [Schedule Management Assistant](https://chat-preview.lobehub.com/market?agent=calendar-manager)<br/><sup>By **[ccdanpian](https://github.com/ccdanpian)** on **2024-03-07**</sup>            | Schedule Management Assistant, calls the time plugin to handle requests for adding, querying, and deleting schedules, supports multiple operations and reminders.<br/>`schedule-management` `time-plugin` `add-schedule` `query-schedule` `delete-schedule`                                                                                                                                                                                                                                                                   |
+
+> 📊 Total agents: [<kbd>**202**</kbd> ](https://github.com/lobehub/lobe-chat-agents)
 
  <!-- AGENT LIST -->
 

package/README.zh-CN.md

@@ -243,14 +243,14 @@ LobeChat 的插件生态系统是其核心功能的重要扩展，它极大地
 
 <!-- AGENT LIST -->
 
-| 最近新增                                                                                                                                                                      | 助手说明                                                                                                                                                                                                                                                                                                                         |
-| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-| [TikTok 脚本撰写器](https://chat-preview.lobehub.com/market?agent=tiktok-script-writer)<br/><sup>By **[sdhjn19dj1m](https://github.com/sdhjn19dj1m)** on **2024-03-12**</sup> | 此脚本专为 TikTok 的短视频格式量身定制，旨在吸引和娱乐特定目标受众。它融入了流行元素和内容病毒传播的最佳实践，确保视频从一开始就吸引注意力。脚本结构包括引人入胜的开场、简洁而有影响力的主体信息和引人注目的行动号召，同时反映用户期望的语气和主题。<br/>`tik-tok` `short-video` `viral-content` `trending-hashtag` `engagement` |
-| [Gen Z Engagement Specialist](https://chat-preview.lobehub.com/market?agent=gen-z)<br/><sup>By **[MYSeaIT](https://github.com/MYSeaIT)** on **2024-03-09**</sup>              | 专注于通过定制互动反映他们的偏好和价值观，与 Gen Z 用户进行互动。<br/>`engagement` `gen-z` `communication` `advice` `interaction`                                                                                                                                                                                                |
-| [日程管理助手](https://chat-preview.lobehub.com/market?agent=calendar-manager)<br/><sup>By **[ccdanpian](https://github.com/ccdanpian)** on **2024-03-07**</sup>              | 日程管理助手，调用时间插件，处理新增、查询、删除日程请求，支持多种操作和提醒。<br/>`日程管理` `时间插件` `新增日程` `查询日程` `删除日程`                                                                                                                                                                                        |
-| [商务邮件撰写专家](https://chat-preview.lobehub.com/market?agent=business-email)<br/><sup>By **[canisminor1990](https://github.com/canisminor1990)** on **2024-03-06**</sup>  | 商务邮件撰写专家，擅长中英文商务邮件，跨文化沟通，GitHub 开源社区交流。<br/>`商务邮件撰写` `商业合作` `商务授权` `跨文化沟通` `git-hub和开源社区`                                                                                                                                                                                |
-
-> 📊 Total agents: [<kbd>**201**</kbd> ](https://github.com/lobehub/lobe-chat-agents)
+| 最近新增                                                                                                                                                                            | 助手说明                                                                                                                                                                                                                                                                                                                         |
+| ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+| [亚马逊卖家支持代理](https://chat-preview.lobehub.com/market?agent=amazon-seller-support-agent)<br/><sup>By **[etnperlong](https://github.com/etnperlong)** on **2024-03-15**</sup> | AI 助手，协助亚马逊卖家回复客户服务回复，提供详细和有力的回复，以达到令人满意的解决方案。<br/>`亚马逊` `卖家` `写作`                                                                                                                                                                                                             |
+| [TikTok 脚本撰写器](https://chat-preview.lobehub.com/market?agent=tiktok-script-writer)<br/><sup>By **[sdhjn19dj1m](https://github.com/sdhjn19dj1m)** on **2024-03-12**</sup>       | 此脚本专为 TikTok 的短视频格式量身定制，旨在吸引和娱乐特定目标受众。它融入了流行元素和内容病毒传播的最佳实践，确保视频从一开始就吸引注意力。脚本结构包括引人入胜的开场、简洁而有影响力的主体信息和引人注目的行动号召，同时反映用户期望的语气和主题。<br/>`tik-tok` `short-video` `viral-content` `trending-hashtag` `engagement` |
+| [Gen Z Engagement Specialist](https://chat-preview.lobehub.com/market?agent=gen-z)<br/><sup>By **[MYSeaIT](https://github.com/MYSeaIT)** on **2024-03-09**</sup>                    | 专注于通过定制互动反映他们的偏好和价值观，与 Gen Z 用户进行互动。<br/>`engagement` `gen-z` `communication` `advice` `interaction`                                                                                                                                                                                                |
+| [日程管理助手](https://chat-preview.lobehub.com/market?agent=calendar-manager)<br/><sup>By **[ccdanpian](https://github.com/ccdanpian)** on **2024-03-07**</sup>                    | 日程管理助手，调用时间插件，处理新增、查询、删除日程请求，支持多种操作和提醒。<br/>`日程管理` `时间插件` `新增日程` `查询日程` `删除日程`                                                                                                                                                                                        |
+
+> 📊 Total agents: [<kbd>**202**</kbd> ](https://github.com/lobehub/lobe-chat-agents)
 
  <!-- AGENT LIST -->
 

package/docs/self-hosting/advanced/authentication.mdx

@@ -1,94 +1,27 @@
-import { Callout, Steps } from 'nextra/components';
-
 # Identity Verification Service
 
-LobeChat supports configuring external identity verification services for internal use by enterprises/organizations to centrally manage user authorization. Currently, it supports [Auth0][auth0-client-page]. This article will introduce how to configure the identity verification service.
-
-## Configure Identity Verification Service
-
-<Steps>
-  ### Create Auth0 Application
-
-  Register and log in to [Auth0][auth0-client-page], click on the "Applications" in the left navigation bar to switch to the application management interface, and click "Create Application" in the upper right corner to create an application.
-
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/1b405347-f4c3-4c55-82f6-47116f2210d0)
-
-  Fill in the application name you want to display to the organization users, choose any application type, and click "Create".
-
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/75c92f85-3ad3-4473-a9c6-e667e28d428d)
-
-  After successful creation, click on the corresponding application to enter the application details page, switch to the "Settings" tab, and you can see the corresponding configuration information.
-
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/a1ed996b-95ef-4b7d-a50d-b4666eccfecb)
-
-  In the application configuration page, you also need to configure Allowed Callback URLs, where you should fill in:
-
-  ```bash
-  http(s)://your-domain/api/auth/callback/auth0
-  ```
+LobeChat supports the configuration of external identity verification services for internal use within enterprises/organizations to centrally manage user authorization.
 
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/575f46aa-f485-49bd-8b90-dbb1ce1a5c1b)
+Currently supported identity verification services include:
 
-  <Callout type={'info'}>
-    You can fill in or modify Allowed Callback URLs after deployment, but make sure the filled URL is
-    consistent with the deployed URL.
-  </Callout>
+- [Auth0](/en/self-hosting/advanced/sso-providers/auth0)
+- [Microsoft Entra ID](/en/self-hosting/advanced/sso-providers/microsoft-entra-id)
 
-  ### Add Users
-
-  Click on the "Users Management" in the left navigation bar to enter the user management interface, where you can create users for your organization to log in to LobeChat.
-
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/3b8127ab-dc4f-4ff9-a4cb-dec3ef0295cc)
-
-  ### Configure Environment Variables
-
-  When deploying LobeChat, you need to configure the following environment variables:
-
-  | Environment Variable  | Type     | Description                                                                                                                                                                                         |
-  | --------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-  | `ENABLE_OAUTH_SSO`    | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on.                                                                                                                      |
-  | `NEXTAUTH_SECRET`     | Required | Key used to encrypt Auth.js session tokens. You can generate a key using the following command: `openssl rand -base64 32`                                                                           |
-  | `AUTH0_CLIENT_ID`     | Required | Client ID of the Auth0 application                                                                                                                                                                  |
-  | `AUTH0_CLIENT_SECRET` | Required | Client Secret of the Auth0 application                                                                                                                                                              |
-  | `AUTH0_ISSUER`        | Required | Domain of the Auth0 application, `https://example.auth0.com`                                                                                                                                        |
-  | `ACCESS_CODE`         | Required | Add a password to access this service. You can set a sufficiently long random password to "disable" access code authorization.                                                                      |
-  | `NEXTAUTH_URL`        | Optional | The URL is used to specify the callback address for the execution of OAuth authentication in Auth.js. It needs to be set only when the default address is incorrect. `https://example.com/api/auth` |
-
-  You can refer to the related variable details at [Environment Variables](/en/self-hosting/environment-variable#auth0).
-</Steps>
-
-<Callout>
-  After successful deployment, users will be able to authenticate and use LobeChat using the users
-  configured in Auth0.
-</Callout>
+Click on the links to view the corresponding platform's configuration documentation.
 
 ## Advanced Configuration
 
-### Connecting to an Existing Single Sign-On Service
-
-If your enterprise or organization already has a unified identity authentication infrastructure, you can connect to an existing single sign-on service in Applications -> SSO Integrations.
-
-Auth0 supports single sign-on services such as Azure Active Directory, Slack, Google Workspace, Office 365, Zoom, and more. For a detailed list of supported services, please refer to [this link][auth0-sso-integrations].
-
-![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/32650f4f-d0b0-4843-b26d-d35bad11d8a3)
-
-### Configuring Social Login
+To simultaneously enable multiple identity verification sources, please set the `SSO_PROVIDERS` environment variable, separating them with commas, for example, `auth0,azure-ad`.
 
-If your enterprise or organization needs to support external user logins, you can configure social login services in Authentication -> Social.
+The order corresponds to the display order of the SSO providers.
 
-![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/7b6f6a6c-2686-49d8-9dbd-0516053f1efa)
+| SSO Provider       | Value    |
+| ------------------ | -------- |
+| Auth0              | auth0    |
+| Microsoft Entra ID | azure-ad |
 
-<Callout type={'warning'}>
-  Configuring social login services by default allows anyone to authenticate, which may lead to
-  LobeChat being abused by external users.
-</Callout>
+## Other SSO Providers
 
-<Callout>
-  If you need to restrict login users, be sure to configure a **blocking policy**: After enabling
-  the social login option, refer to [this article][auth0-login-actions-manual] to create an Action
-  to set up a blocking/allow list.
-</Callout>
+Please refer to the [NextAuth.js][next-auth-js] documentation and feel free to submit a Pull Request.
 
-[auth0-client-page]: https://manage.auth0.com/dashboard
-[auth0-login-actions-manual]: https://auth0.com/blog/permit-or-deny-login-requests-using-auth0-actions/
-[auth0-sso-integrations]: https://marketplace.auth0.com/features/sso-integrations
+[next-auth-js]: https://next-auth.js.org/providers

package/docs/self-hosting/advanced/authentication.zh-CN.mdx

@@ -1,88 +1,27 @@
-import { Callout, Steps } from 'nextra/components';
-
 # 身份验证服务
 
-LobeChat 支持配置外部身份验证服务，供企业 / 组织内部使用，统一管理用户授权，目前支持 [Auth0][auth0-client-page]，本文将介绍如何配置身份验证服务。
-
-## 配置身份验证服务
-
-<Steps>
-  ### 创建 Auth0 应用
-
-  注册并登录 [Auth0][auth0-client-page]，点击左侧导航栏的「Applications」，切换到应用管理界面，点击右上角「Create Application」以创建应用。
-
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/1b405347-f4c3-4c55-82f6-47116f2210d0)
-
-  填写你想向组织用户显示的应用名称，可选择任意应用类型，点击「Create」。
-
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/75c92f85-3ad3-4473-a9c6-e667e28d428d)
-
-  创建成功后，点击相应的应用，进入应用详情页，切换到「Settings」标签页，就可以看到相应的配置信息
-
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/a1ed996b-95ef-4b7d-a50d-b4666eccfecb)
-
-  在应用配置页面中，还需要配置 Allowed Callback URLs，在此处填写:
-
-  ```bash
-  http(s)://your-domain/api/auth/callback/auth0
-  ```
+LobeChat 支持配置外部身份验证服务，供企业 / 组织内部使用，统一管理用户授权。
 
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/575f46aa-f485-49bd-8b90-dbb1ce1a5c1b)
+目前支持的身份验证服务有：
 
-  <Callout type={'info'}>
-    可以在部署后再填写或修改 Allowed Callback URLs，但是务必保证填写的 URL 与部署的 URL 一致
-  </Callout>
+- [Auth0](/zh/self-hosting/advanced/sso-providers/auth0)
+- [Microsoft Entra ID](/zh/self-hosting/advanced/sso-providers/microsoft-entra-id)
 
-  ### 新增用户
-
-  点击左侧导航栏的「Users Management」，进入用户管理界面，可以为你的组织新建用户，用以登录 LobeChat
-
-  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/3b8127ab-dc4f-4ff9-a4cb-dec3ef0295cc)
-
-  ### 配置环境变量
-
-  在部署 LobeChat 时，你需要配置以下环境变量：
-
-  | 环境变量                  | 类型 | 描述                                                                                          |
-  | --------------------- | -- | ------------------------------------------------------------------------------------------- |
-  | `ENABLE_OAUTH_SSO`    | 必选 | 为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。                                                    |
-  | `NEXTAUTH_SECRET`     | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32`                               |
-  | `AUTH0_CLIENT_ID`     | 必选 | Auth0 应用程序的 Client ID                                                                       |
-  | `AUTH0_CLIENT_SECRET` | 必选 | Auth0 应用程序的 Client Secret                                                                   |
-  | `AUTH0_ISSUER`        | 必选 | Auth0 应用程序的 Domain，`https://example.auth0.com`                                              |
-  | `ACCESS_CODE`         | 必选 | 添加访问此服务的密码，你可以设置一个足够长的随机密码以 “禁用” 访问码授权                                                      |
-  | `NEXTAUTH_URL`        | 可选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |
-
-  前往 [环境变量](/zh/self-hosting/environment-variable#auth0) 可查阅相关变量详情。
-</Steps>
-
-<Callout>部署成功后，用户将可以使用 Auth0 中配置的用户通过身份认证并使用 LobeChat。</Callout>
+点击链接可以查看对应平台的配置文档。
 
 ## 进阶配置
 
-### 连接现有的单点登录服务
-
-如果你的企业或组织已有现有的统一身份认证设施，可在 Applications -> SSO Integrations 中，连接现有的单点登录服务。
-
-Auth0 支持 Azure Active Directory / Slack / Google Workspace / Office 365 / Zoom 等单点登录服务，详细支持列表可参考 [这里][auth0-sso-integrations]
-
-![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/32650f4f-d0b0-4843-b26d-d35bad11d8a3)
-
-### 配置社交登录
+同时启用多个身份验证源请设置 `SSO_PROVIDERS` 环境变量，以逗号 `,` 分割，例如 `auth0,azure-ad`。
 
-如果你的企业或组织需要支持外部人员登录，可以在 Authentication -> Social 中，配置社交登录服务。
+顺序为 SSO 提供商的显示顺序。
 
-![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/7b6f6a6c-2686-49d8-9dbd-0516053f1efa)
+| SSO 提供商            | 值        |
+| ------------------ | -------- |
+| Auth0              | auth0    |
+| Microsoft Entra ID | azure-ad |
 
-<Callout type={'warning'}>
-  配置社交登录服务默认会允许所有人通过认证，这可能会导致 LobeChat 被外部人员滥用。
-</Callout>
+## 其他 SSO 提供商
 
-<Callout>
-  如果你需要限制登录人员，务必配置 **阻止策略**： 请在打开社交登录选项后，参考
-  [这篇文章][auth0-login-actions-manual] 创建 Action 来设置阻止 / 允许列表。
-</Callout>
+请参考 [NextAuth.js][next-auth-js] 文档，欢迎提交 Pull Request。
 
-[auth0-client-page]: https://manage.auth0.com/dashboard
-[auth0-login-actions-manual]: https://auth0.com/blog/permit-or-deny-login-requests-using-auth0-actions/
-[auth0-sso-integrations]: https://marketplace.auth0.com/features/sso-integrations
+[next-auth-js]: https://next-auth.js.org/providers

package/docs/self-hosting/advanced/sso-providers/auth0.mdx

@@ -0,0 +1,91 @@
+import { Callout, Steps } from 'nextra/components';
+
+# Configure Auth0 Identity Verification Service
+
+<Steps>
+  ### Create Auth0 Application
+
+  Register and log in to [Auth0][auth0-client-page], click on the "Applications" in the left navigation bar to switch to the application management interface, and click "Create Application" in the upper right corner to create an application.
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/1b405347-f4c3-4c55-82f6-47116f2210d0)
+
+  Fill in the application name you want to display to the organization users, choose any application type, and click "Create".
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/75c92f85-3ad3-4473-a9c6-e667e28d428d)
+
+  After successful creation, click on the corresponding application to enter the application details page, switch to the "Settings" tab, and you can see the corresponding configuration information.
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/a1ed996b-95ef-4b7d-a50d-b4666eccfecb)
+
+  In the application configuration page, you also need to configure Allowed Callback URLs, where you should fill in:
+
+  ```bash
+  http(s)://your-domain/api/auth/callback/auth0
+  ```
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/575f46aa-f485-49bd-8b90-dbb1ce1a5c1b)
+
+  <Callout type={'info'}>
+    You can fill in or modify Allowed Callback URLs after deployment, but make sure the filled URL is
+    consistent with the deployed URL.
+  </Callout>
+
+  ### Add Users
+
+  Click on the "Users Management" in the left navigation bar to enter the user management interface, where you can create users for your organization to log in to LobeChat.
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/3b8127ab-dc4f-4ff9-a4cb-dec3ef0295cc)
+
+  ### Configure Environment Variables
+
+  When deploying LobeChat, you need to configure the following environment variables:
+
+  | Environment Variable  | Type     | Description                                                                                                                                                                                         |
+  | --------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+  | `ENABLE_OAUTH_SSO`    | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on.                                                                                                                      |
+  | `NEXTAUTH_SECRET`     | Required | Key used to encrypt Auth.js session tokens. You can generate a key using the following command: `openssl rand -base64 32`                                                                           |
+  | `SSO_PROVIDERS`       | Optional | Select the single sign-on provider for LoboChat. Use `auth0` for Auth0.                                                                                                                             |
+  | `AUTH0_CLIENT_ID`     | Required | Client ID of the Auth0 application                                                                                                                                                                  |
+  | `AUTH0_CLIENT_SECRET` | Required | Client Secret of the Auth0 application                                                                                                                                                              |
+  | `AUTH0_ISSUER`        | Required | Domain of the Auth0 application, `https://example.auth0.com`                                                                                                                                        |
+  | `ACCESS_CODE`         | Required | Add a password to access this service. You can set a sufficiently long random password to "disable" access code authorization.                                                                      |
+  | `NEXTAUTH_URL`        | Optional | The URL is used to specify the callback address for the execution of OAuth authentication in Auth.js. It needs to be set only when the default address is incorrect. `https://example.com/api/auth` |
+
+  <Callout type={'info'}>You can refer to the related variable details at [📘Environment Variables](/en/self-hosting/environment-variable#auth0).</Callout>
+</Steps>
+
+<Callout>
+  After successful deployment, users will be able to authenticate and use LobeChat using the users
+  configured in Auth0.
+</Callout>
+
+## Advanced Configuration
+
+### Connecting to an Existing Single Sign-On Service
+
+If your enterprise or organization already has a unified identity authentication infrastructure, you can connect to an existing single sign-on service in Applications -> SSO Integrations.
+
+Auth0 supports single sign-on services such as Azure Active Directory, Slack, Google Workspace, Office 365, Zoom, and more. For a detailed list of supported services, please refer to [this link][auth0-sso-integrations].
+
+![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/32650f4f-d0b0-4843-b26d-d35bad11d8a3)
+
+### Configuring Social Login
+
+If your enterprise or organization needs to support external user logins, you can configure social login services in Authentication -> Social.
+
+![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/7b6f6a6c-2686-49d8-9dbd-0516053f1efa)
+
+<Callout type={'warning'}>
+  Configuring social login services by default allows anyone to authenticate, which may lead to
+  LobeChat being abused by external users.
+</Callout>
+
+<Callout>
+  If you need to restrict login users, be sure to configure a **blocking policy**: After enabling
+  the social login option, refer to [this article][auth0-login-actions-manual] to create an Action
+  to set up a blocking/allow list.
+</Callout>
+
+[auth0-client-page]: https://manage.auth0.com/dashboard
+[auth0-login-actions-manual]: https://auth0.com/blog/permit-or-deny-login-requests-using-auth0-actions/
+[auth0-sso-integrations]: https://marketplace.auth0.com/features/sso-integrations

package/docs/self-hosting/advanced/sso-providers/auth0.zh-CN.mdx

@@ -0,0 +1,85 @@
+import { Callout, Steps } from 'nextra/components';
+
+# 配置 Auth0 身份验证服务
+
+<Steps>
+  ### 创建 Auth0 应用
+
+  注册并登录 [Auth0][auth0-client-page]，点击左侧导航栏的「Applications」，切换到应用管理界面，点击右上角「Create Application」以创建应用。
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/1b405347-f4c3-4c55-82f6-47116f2210d0)
+
+  填写你想向组织用户显示的应用名称，可选择任意应用类型，点击「Create」。
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/75c92f85-3ad3-4473-a9c6-e667e28d428d)
+
+  创建成功后，点击相应的应用，进入应用详情页，切换到「Settings」标签页，就可以看到相应的配置信息
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/a1ed996b-95ef-4b7d-a50d-b4666eccfecb)
+
+  在应用配置页面中，还需要配置 Allowed Callback URLs，在此处填写:
+
+  ```bash
+  http(s)://your-domain/api/auth/callback/auth0
+  ```
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/575f46aa-f485-49bd-8b90-dbb1ce1a5c1b)
+
+  <Callout type={'info'}>
+    可以在部署后再填写或修改 Allowed Callback URLs，但是务必保证填写的 URL 与部署的 URL 一致
+  </Callout>
+
+  ### 新增用户
+
+  点击左侧导航栏的「Users Management」，进入用户管理界面，可以为你的组织新建用户，用以登录 LobeChat
+
+  ![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/3b8127ab-dc4f-4ff9-a4cb-dec3ef0295cc)
+
+  ### 配置环境变量
+
+  在部署 LobeChat 时，你需要配置以下环境变量：
+
+  | 环境变量                  | 类型 | 描述                                                                                          |
+  | --------------------- | -- | ------------------------------------------------------------------------------------------- |
+  | `ENABLE_OAUTH_SSO`    | 必选 | 为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。                                                    |
+  | `NEXTAUTH_SECRET`     | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32`                               |
+  | `SSO_PROVIDERS`       | 必选 | 选择 LoboChat 的单点登录提供商。使用 Auth0 请填写 `auth0`。                                                  |
+  | `AUTH0_CLIENT_ID`     | 必选 | Auth0 应用程序的 Client ID                                                                       |
+  | `AUTH0_CLIENT_SECRET` | 必选 | Auth0 应用程序的 Client Secret                                                                   |
+  | `AUTH0_ISSUER`        | 必选 | Auth0 应用程序的 Domain，`https://example.auth0.com`                                              |
+  | `ACCESS_CODE`         | 必选 | 添加访问此服务的密码，你可以设置一个足够长的随机密码以 “禁用” 访问码授权                                                      |
+  | `NEXTAUTH_URL`        | 可选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |
+
+  <Callout type={'info'}> 前往 [📘 环境变量](/zh/self-hosting/environment-variable#auth0) 可查阅相关变量详情。</Callout>
+</Steps>
+
+<Callout type={'info'}>部署成功后，用户将可以使用 Auth0 中配置的用户通过身份认证并使用 LobeChat。</Callout>
+
+## 进阶配置
+
+### 连接现有的单点登录服务
+
+如果你的企业或组织已有现有的统一身份认证设施，可在 Applications -> SSO Integrations 中，连接现有的单点登录服务。
+
+Auth0 支持 Azure Active Directory / Slack / Google Workspace / Office 365 / Zoom 等单点登录服务，详细支持列表可参考 [这里][auth0-sso-integrations]
+
+![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/32650f4f-d0b0-4843-b26d-d35bad11d8a3)
+
+### 配置社交登录
+
+如果你的企业或组织需要支持外部人员登录，可以在 Authentication -> Social 中，配置社交登录服务。
+
+![](https://github.com/CloudPassenger/lobe-chat/assets/30863298/7b6f6a6c-2686-49d8-9dbd-0516053f1efa)
+
+<Callout type={'warning'}>
+  配置社交登录服务默认会允许所有人通过认证，这可能会导致 LobeChat 被外部人员滥用。
+</Callout>
+
+<Callout>
+  如果你需要限制登录人员，务必配置 **阻止策略**： 请在打开社交登录选项后，参考
+  [这篇文章][auth0-login-actions-manual] 创建 Action 来设置阻止 / 允许列表。
+</Callout>
+
+[auth0-client-page]: https://manage.auth0.com/dashboard
+[auth0-login-actions-manual]: https://auth0.com/blog/permit-or-deny-login-requests-using-auth0-actions/
+[auth0-sso-integrations]: https://marketplace.auth0.com/features/sso-integrations

package/docs/self-hosting/advanced/sso-providers/microsoft-entra-id.mdx

@@ -0,0 +1,69 @@
+# Configuration of Microsoft Entra ID Authentication Service
+
+<Steps>
+  ### Create a Microsoft Entra ID Application
+
+  In your [Microsoft Azure Portal][microsoft-azure-portal], go to Microsoft Entra ID -> App registrations -> New registration to create a new application.
+
+  Fill in the desired application name to be displayed to organizational users, choose the account types you wish to support, and if only internal users are supported, select `Accounts in this organizational directory only (Default Directory only - Single tenant)`.
+
+  In the `Redirect URI (optional)` section, for the application type, select `Web`, and in the Callback URL, enter:
+
+  ```bash
+  https://<your-domain>/api/auth/callback/azure-ad
+  ```
+
+  <Callout type={'info'}>
+    - You can fill in or modify the Redirect URIs after registering, but make sure the URL you enter matches the deployed URL.
+    - Please replace "your-domain" with your own domain.
+  </Callout>
+
+  ![App Register](https://github.com/lobehub/lobe-chat/assets/13883964/4f9d83bd-b3fc-4abc-bcf4-ccbad65c219d)
+
+  Click on "Register".
+
+  After successfully creating the application, click on the corresponding application to enter the application details page, and switch to the "Overview" tab to view the corresponding configuration information.
+
+  ![App Overview](https://github.com/lobehub/lobe-chat/assets/13883964/48a0b702-05bd-4ce4-a007-a8ad00a36e5a)
+
+  Go to "Certificates & secrets", select the "Client secrets" tab, click on "New client secret", fill in the description, select the expiration time, and click on "Add" to create a new client secret.
+
+  ![Create App Client Secret](https://github.com/lobehub/lobe-chat/assets/13883964/c9d66fa0-158c-4bd3-a1fa-969e638259d2)
+
+  <Callout type={'info'}>Please make sure to save your client secret as this is your only chance to view it.</Callout>
+
+  ### Add Users
+
+  Go back to the "Microsoft Entra ID" interface, enter "Users", click on "New user", fill in the user information, and click on "Create" to create a user for using LobeChat.
+
+  ### Configure Environment Variables
+
+  When deploying LobeChat, you need to configure the following environment variables:
+
+  | Environment Variable     | Type     | Description                                                                                                                                                                                                                |
+  | ------------------------ | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
+  | `ENABLE_OAUTH_SSO`       | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on.                                                                                                                                             |
+  | `NEXTAUTH_SECRET`        | Required | Key used to encrypt Auth.js session tokens. You can generate the key using the following command: `openssl rand -base64 32`                                                                                                |
+  | `SSO_PROVIDERS`          | Required | Select the single sign-on provider for LoboChat. Use `azure-ad` for Microsoft Entra ID.                                                                                                                                    |
+  | `AZURE_AD_CLIENT_ID`     | Required | Client ID of the Microsoft Entra ID application.                                                                                                                                                                           |
+  | `AZURE_AD_CLIENT_SECRET` | Required | Client Secret of the Microsoft Entra ID application.                                                                                                                                                                       |
+  | `AZURE_AD_TENANT_ID`     | Required | Tenant ID of the Microsoft Entra ID application.                                                                                                                                                                           |
+  | `ACCESS_CODE`            | Required | Add a password for accessing this service, you can set a sufficiently long random password to "disable" access code authorization.                                                                                         |
+  | `NEXTAUTH_URL`           | Optional | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. It is only necessary to set it when the default generated redirect address is incorrect. `https://example.com/api/auth` |
+
+  <Callout type={'info'}>You can refer to [📘 environment variables](/en/self-hosting/environment-variable#microsoft-entra-id) for details on related variables.</Callout>
+</Steps>
+
+<Callout>After successful deployment, users will be able to authenticate and use LobeChat using the users configured in Microsoft Entra ID.</Callout>
+
+## Advanced Configuration
+
+Please explore further in the [Microsoft Entra ID Learning Center][microsoft-learn-entra].
+
+## Related Resources
+
+- [Quickstart: Register an app][microsoft-entra-register-app]
+
+[microsoft-azure-portal]: https://portal.azure.com/
+[microsoft-entra-register-app]: https://learn.microsoft.com/en-us/entra/identity-platform/quickstart-register-app
+[microsoft-learn-entra]: https://learn.microsoft.com/en-us/entra/identity/