[Feat] SSO - add provider in the OpenID field for custom sso (#5849)

* service_account_settings on config

* include provider in OpenID for custom sso

* add GENERIC_PROVIDER_ATTRIBUTE to docs

* use correct naming scheme

docs/my-website/docs/proxy/ui.md

@@ -180,6 +180,7 @@ GENERIC_USER_DISPLAY_NAME_ATTRIBUTE = "display_name"
 GENERIC_USER_FIRST_NAME_ATTRIBUTE = "first_name"
 GENERIC_USER_LAST_NAME_ATTRIBUTE = "last_name"
 GENERIC_USER_ROLE_ATTRIBUTE = "given_role"
+GENERIC_USER_PROVIDER_ATTRIBUTE = "provider"
 GENERIC_CLIENT_STATE = "some-state" # if the provider needs a state parameter
 GENERIC_INCLUDE_CLIENT_ID = "false" # some providers enforce that the client_id is not in the body
 GENERIC_SCOPE = "openid profile email" # default scope openid is sometimes not enough to retrieve basic user info like first_name and last_name located in profile scope

litellm/proxy/management_endpoints/ui_sso.py

@@ -356,6 +356,10 @@ async def auth_callback(request: Request):
             "GENERIC_USER_LAST_NAME_ATTRIBUTE", "last_name"
         )
 
+        generic_provider_attribute_name = os.getenv(
+            "GENERIC_USER_PROVIDER_ATTRIBUTE", "provider"
+        )
+
         verbose_proxy_logger.debug(
             f" generic_user_id_attribute_name: {generic_user_id_attribute_name}\n generic_user_email_attribute_name: {generic_user_email_attribute_name}\n generic_user_role_attribute_name: {generic_user_role_attribute_name}"
         )
@@ -373,6 +377,7 @@ async def auth_callback(request: Request):
                 email=response.get(generic_user_email_attribute_name),
                 first_name=response.get(generic_user_first_name_attribute_name),
                 last_name=response.get(generic_user_last_name_attribute_name),
+                provider=response.get(generic_provider_attribute_name),
             )
 
         SSOProvider = create_provider(

litellm/proxy/proxy_config.yaml

@@ -24,34 +24,8 @@ litellm_settings:
   cache: true
   # callbacks: ["otel"]
 
-guardrails:
-  - guardrail_name: "aporia-pre-guard"
-    litellm_params:
-      guardrail: aporia  # supported values: "aporia", "bedrock", "lakera"
-      mode: "post_call"
-      api_key: os.environ/APORIA_API_KEY_1
-      api_base: os.environ/APORIA_API_BASE_1
-  - guardrail_name: "aporia-post-guard"
-    litellm_params:
-      guardrail: aporia  # supported values: "aporia", "bedrock", "lakera"
-      mode: "post_call"
-      api_key: os.environ/APORIA_API_KEY_2
-      api_base: os.environ/APORIA_API_BASE_2
-  - guardrail_name: "bedrock-pre-guard"
-    litellm_params:
-      guardrail: bedrock  # supported values: "aporia", "bedrock", "lakera"
-      mode: "during_call"
-      guardrailIdentifier: ff6ujrregl1q
-      guardrailVersion: "DRAFT"
-  - guardrail_name: "custom-pre-guard"
-    litellm_params:
-      guardrail: custom_guardrail.myCustomGuardrail  
-      mode: "pre_call"
-  - guardrail_name: "custom-during-guard"
-    litellm_params:
-      guardrail: custom_guardrail.myCustomGuardrail  
-      mode: "during_call"
-  - guardrail_name: "custom-post-guard"
-    litellm_params:
-      guardrail: custom_guardrail.myCustomGuardrail
-      mode: "post_call"
+
+general_settings:
+  service_account_settings:
+    required_params: ["user"]
+