decaporg · erquhart · Apr 25, 2018 · Apr 20, 2018 · tech4him1 · Apr 24, 2018
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,8 @@
     Changes that have landed in master but are not yet released.
     Click to see more.
   </summary>
+
+  * allow custom auth endpoint ([@erquhart](https://github.com/erquhart) in [#1294](https://github.com/netlify/netlify-cms/pull/1294))
 </details>
 
 ## 1.6.0 (April 19, 2018) ([demo](https://5ad8e1ebb31274466632d026--cms-demo.netlify.com/#/))

diff --git a/src/backends/github/AuthenticationPage.js b/src/backends/github/AuthenticationPage.js
@@ -7,6 +7,9 @@ export default class AuthenticationPage extends React.Component {
   static propTypes = {
     onLogin: PropTypes.func.isRequired,
     inProgress: PropTypes.bool,
+    base_url: PropTypes.string,
+    siteId: PropTypes.string,
+    authEndpoint: PropTypes.string,
   };
 
   state = {};
@@ -15,7 +18,8 @@ export default class AuthenticationPage extends React.Component {
     e.preventDefault();
     const cfg = {
       base_url: this.props.base_url,
-      site_id: (document.location.host.split(':')[0] === 'localhost') ? 'cms.netlify.com' : this.props.siteId
+      site_id: (document.location.host.split(':')[0] === 'localhost') ? 'cms.netlify.com' : this.props.siteId,
+      auth_endpoint: this.props.authEndpoint,
     };
     const auth = new Authenticator(cfg);
 

diff --git a/src/components/App/App.js b/src/components/App/App.js
@@ -84,6 +84,7 @@ class App extends React.Component {
             isFetching: auth && auth.get('isFetching'),
             siteId: this.props.config.getIn(["backend", "site_domain"]),
             base_url: this.props.config.getIn(["backend", "base_url"], null),
+            authEndpoint: this.props.config.getIn(["backend", "auth_endpoint"]),
             config: this.props.config,
           })
         }

diff --git a/src/lib/netlify-auth.js b/src/lib/netlify-auth.js
@@ -1,4 +1,7 @@
+import { trim, trimEnd } from 'lodash';
+
 const NETLIFY_API = 'https://api.netlify.com';
+const AUTH_ENDPOINT = 'auth';
 
 class NetlifyError {
   constructor(err) {
@@ -31,7 +34,8 @@ const PROVIDERS = {
 class Authenticator {
   constructor(config = {}) {
     this.site_id = config.site_id || null;
-    this.base_url = config.base_url || NETLIFY_API;
+    this.base_url = trimEnd(config.base_url, '/') || NETLIFY_API;
+    this.auth_endpoint = trim(config.auth_endpoint, '/') || AUTH_ENDPOINT;
   }
 
   handshakeCallback(options, cb) {
@@ -93,7 +97,7 @@ class Authenticator {
     left = (screen.width / 2) - (conf.width / 2);
     top = (screen.height / 2) - (conf.height / 2);
     window.addEventListener('message', this.handshakeCallback(options, cb), false);
-    url = this.base_url + '/auth?provider=' + options.provider + '&site_id=' + siteID;
+    url = `${this.base_url}/${this.auth_endpoint}?provider=${options.provider}&site_id=${siteID}`;
     if (options.scope) {
       url += '&scope=' + options.scope;
     }

diff --git a/website/site/content/docs/authentication-backends.md b/website/site/content/docs/authentication-backends.md
@@ -86,11 +86,12 @@ Both `git-gateway` and `github` backends allow some additional optional fields f
 cases. A full reference is below. Note that these are properties of the `backend` field, and should
 be nested under that field.
 
-| Field          | Default                                                        | Description                                                                                                                                          |
-| -------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
-| `repo`         | none                                                           | **Required** for `github` backend; ignored by `git-gateway`. Follows the pattern `[org-or-username]/[repo-name]`.                                    |
-| `accept_roles` | none                                                           | `git-gateway` only. Limits CMS access to your defined array of user roles. Omitting this field gives access to all registered users.                 |
-| `branch`       | `master`                                                       | The branch where published content is stored. All CMS commits and PRs are made to this branch.                                                       |
-| `api_root`     | `https://api.github.com` (ignored for `git-gateway` backend)   | The API endpoint. Only necessary in certain cases, like with GitHub Enterprise.                                                                      |
-| `site_domain`  | `location.hostname` (or `cms.netlify.com` when on `localhost`) | Sets the `site_id` query param sent to the API endpoint. Non-Netlify auth setups will often need to set this for local development to work properly. |
-| `base_url`     | `https://api.netlify.com`                                      | OAuth client URL for the `github` backend. **Required** when using an external OAuth server with the `github` backend.                               |
+| Field           | Default                                                        | Description                                                                                                                                          |
+| --------------- | -------------------------------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------- |
+| `repo`          | none                                                           | **Required** for `github` backend; ignored by `git-gateway`. Follows the pattern `[org-or-username]/[repo-name]`.                                    |
+| `accept_roles`  | none                                                           | `git-gateway` only. Limits CMS access to your defined array of user roles. Omitting this field gives access to all registered users.                 |
+| `branch`        | `master`                                                       | The branch where published content is stored. All CMS commits and PRs are made to this branch.                                                       |
+| `api_root`      | `https://api.github.com` (ignored for `git-gateway` backend)   | The API endpoint. Only necessary in certain cases, like with GitHub Enterprise.                                                                      |
+| `site_domain`   | `location.hostname` (or `cms.netlify.com` when on `localhost`) | Sets the `site_id` query param sent to the API endpoint. Non-Netlify auth setups will often need to set this for local development to work properly. |
+| `base_url`      | `https://api.netlify.com`                                      | OAuth client URL for the `github` backend. **Required** when using an external OAuth server with the `github` backend.                               |
+| `auth_endpoint` | `auth`                                                         | Path to append to `base_url` for authentication requests. Optional.                                                                                  |