Merge pull request #903 from Infisical/integration-setup-docs

Add self-hosted setup/configuration docs for OAuth2 integrations
2025-03-31 22:09:57 +00:00 · 2023-08-27 12:16:26 +01:00
parent 6bb5e7078f ad61fa845c
commit d8094b2ab1
60 changed files with 287 additions and 35 deletions
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-aad.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-aad.png
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-1.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-1.png
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-2.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-2.png
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-3.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-3.png
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-new-app-form.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-new-app-form.png
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-new-app.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-config-new-app.png
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-create.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-create.png
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-vault-uri.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault-vault-uri.png
--- a/docs/images/integrations/azure-key-vault/integrations-azure-key-vault.png
+++ b/docs/images/integrations/azure-key-vault/integrations-azure-key-vault.png
--- a/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-auth.png
+++ b/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-auth.png
--- a/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-api-services.png
+++ b/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-api-services.png
--- a/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-credentials.png
+++ b/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-credentials.png
--- a/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-new-app-form.png
+++ b/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-new-app-form.png
--- a/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-new-app.png
+++ b/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-new-app.png
--- a/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-create.png
+++ b/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-create.png
--- a/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager.png
+++ b/docs/images/integrations/gcp-secret-manager/integrations-gcp-secret-manager.png
--- a/docs/images/integrations/github/integrations-github-auth.png
+++ b/docs/images/integrations/github/integrations-github-auth.png
--- a/docs/images/integrations/github/integrations-github-config-credentials.png
+++ b/docs/images/integrations/github/integrations-github-config-credentials.png
--- a/docs/images/integrations/github/integrations-github-config-dev-settings.png
+++ b/docs/images/integrations/github/integrations-github-config-dev-settings.png
--- a/docs/images/integrations/github/integrations-github-config-new-app-form.png
+++ b/docs/images/integrations/github/integrations-github-config-new-app-form.png
--- a/docs/images/integrations/github/integrations-github-config-new-app.png
+++ b/docs/images/integrations/github/integrations-github-config-new-app.png
--- a/docs/images/integrations/github/integrations-github-config-settings.png
+++ b/docs/images/integrations/github/integrations-github-config-settings.png
--- a/docs/images/integrations/github/integrations-github.png
+++ b/docs/images/integrations/github/integrations-github.png
--- a/docs/images/integrations/gitlab/integrations-gitlab-auth.png
+++ b/docs/images/integrations/gitlab/integrations-gitlab-auth.png
--- a/docs/images/integrations/gitlab/integrations-gitlab-config-credentials.png
+++ b/docs/images/integrations/gitlab/integrations-gitlab-config-credentials.png
--- a/docs/images/integrations/gitlab/integrations-gitlab-config-edit-profile.png
+++ b/docs/images/integrations/gitlab/integrations-gitlab-config-edit-profile.png
--- a/docs/images/integrations/gitlab/integrations-gitlab-config-new-app-form.png
+++ b/docs/images/integrations/gitlab/integrations-gitlab-config-new-app-form.png
--- a/docs/images/integrations/gitlab/integrations-gitlab-config-new-app.png
+++ b/docs/images/integrations/gitlab/integrations-gitlab-config-new-app.png
--- a/docs/images/integrations/gitlab/integrations-gitlab-create.png
+++ b/docs/images/integrations/gitlab/integrations-gitlab-create.png
--- a/docs/images/integrations/gitlab/integrations-gitlab.png
+++ b/docs/images/integrations/gitlab/integrations-gitlab.png
--- a/docs/images/integrations/heroku/integrations-heroku-auth.png
+++ b/docs/images/integrations/heroku/integrations-heroku-auth.png
--- a/docs/images/integrations/heroku/integrations-heroku-config-applications.png
+++ b/docs/images/integrations/heroku/integrations-heroku-config-applications.png
--- a/docs/images/integrations/heroku/integrations-heroku-config-credentials.png
+++ b/docs/images/integrations/heroku/integrations-heroku-config-credentials.png
--- a/docs/images/integrations/heroku/integrations-heroku-config-new-app-form.png
+++ b/docs/images/integrations/heroku/integrations-heroku-config-new-app-form.png
--- a/docs/images/integrations/heroku/integrations-heroku-config-new-app.png
+++ b/docs/images/integrations/heroku/integrations-heroku-config-new-app.png
--- a/docs/images/integrations/heroku/integrations-heroku-config-settings.png
+++ b/docs/images/integrations/heroku/integrations-heroku-config-settings.png
--- a/docs/images/integrations/heroku/integrations-heroku-create.png
+++ b/docs/images/integrations/heroku/integrations-heroku-create.png
--- a/docs/images/integrations/heroku/integrations-heroku.png
+++ b/docs/images/integrations/heroku/integrations-heroku.png
--- a/docs/images/integrations/netlify/integrations-netlify-auth.png
+++ b/docs/images/integrations/netlify/integrations-netlify-auth.png
--- a/docs/images/integrations/netlify/integrations-netlify-config-credentials.png
+++ b/docs/images/integrations/netlify/integrations-netlify-config-credentials.png
--- a/docs/images/integrations/netlify/integrations-netlify-config-new-app-form.png
+++ b/docs/images/integrations/netlify/integrations-netlify-config-new-app-form.png
--- a/docs/images/integrations/netlify/integrations-netlify-config-new-app.png
+++ b/docs/images/integrations/netlify/integrations-netlify-config-new-app.png
--- a/docs/images/integrations/netlify/integrations-netlify-config-user-settings.png
+++ b/docs/images/integrations/netlify/integrations-netlify-config-user-settings.png
--- a/docs/images/integrations/netlify/integrations-netlify-create.png
+++ b/docs/images/integrations/netlify/integrations-netlify-create.png
--- a/docs/images/integrations/netlify/integrations-netlify.png
+++ b/docs/images/integrations/netlify/integrations-netlify.png
--- a/docs/images/integrations/vercel/integrations-vercel-auth.png
+++ b/docs/images/integrations/vercel/integrations-vercel-auth.png
--- a/docs/images/integrations/vercel/integrations-vercel-config-credentials.png
+++ b/docs/images/integrations/vercel/integrations-vercel-config-credentials.png
--- a/docs/images/integrations/vercel/integrations-vercel-config-integrations-console.png
+++ b/docs/images/integrations/vercel/integrations-vercel-config-integrations-console.png
--- a/docs/images/integrations/vercel/integrations-vercel-config-new-app-form-1.png
+++ b/docs/images/integrations/vercel/integrations-vercel-config-new-app-form-1.png
--- a/docs/images/integrations/vercel/integrations-vercel-config-new-app-form-2.png
+++ b/docs/images/integrations/vercel/integrations-vercel-config-new-app-form-2.png
--- a/docs/images/integrations/vercel/integrations-vercel-config-new-app.png
+++ b/docs/images/integrations/vercel/integrations-vercel-config-new-app.png
--- a/docs/images/integrations/vercel/integrations-vercel-create.png
+++ b/docs/images/integrations/vercel/integrations-vercel-create.png
--- a/docs/images/integrations/vercel/integrations-vercel.png
+++ b/docs/images/integrations/vercel/integrations-vercel.png
--- a/docs/integrations/cicd/githubactions.mdx
+++ b/docs/integrations/cicd/githubactions.mdx
@ -3,7 +3,9 @@ title: "GitHub Actions"
 description: "How to sync secrets from Infisical to GitHub Actions"
 ---

-<Warning>
+<Tabs>
+  <Tab title="Usage">
+  <Warning>
    Infisical can sync secrets to GitHub repo secrets only. If your repo uses environment secrets, then stay tuned with this [issue](https://github.com/Infisical/infisical/issues/54).
 </Warning>

@ -20,7 +22,7 @@ Prerequisites:

 Press on the GitHub tile and grant Infisical access to your GitHub account (repo privileges only).

-![integrations github authorization](../../images/integrations-github-auth.png)
+![integrations github authorization](../../images/integrations/github/integrations-github-auth.png)

 <Info>
  If this is your project's first cloud integration, then you'll have to grant Infisical access to your project's environment variables.
@ -31,5 +33,43 @@ Press on the GitHub tile and grant Infisical access to your GitHub account (repo

 Select which Infisical environment secrets you want to sync to which GitHub repo and press start integration to start syncing secrets to the repo.

-![integrations github](../../images/integrations-github.png)
+![integrations github](../../images/integrations/github/integrations-github.png)
+  </Tab>
+  <Tab title="Self-Hosted Setup">
+    Using the GitHub integration on a self-hosted instance of Infisical requires configuring an OAuth application in GitHub
+    and registering your instance with it.
+    
+    ## Create an OAuth application in GitHub
+    
+    Navigate to your user Settings > Developer settings > OAuth Apps to create a new GitHub OAuth application.
+    
+   ![integrations github config](../../images/integrations/github/integrations-github-config-settings.png) 
+   ![integrations github config](../../images/integrations/github/integrations-github-config-dev-settings.png) 
+   ![integrations github config](../../images/integrations/github/integrations-github-config-new-app.png) 
+
+    Create the OAuth application. As part of the form, set the **Homepage URL** to your self-hosted domain `https://your-domain.com`
+    and the **Authorization callback URL** to `https://your-domain.com/integrations/github/oauth2/callback`.
+
+   ![integrations github config](../../images/integrations/github/integrations-github-config-new-app-form.png) 
+    
+    <Note>
+      If you have a GitHub organization, you can create an OAuth application under it
+      in your organization Settings > Developer settings > OAuth Apps > New Org OAuth App.
+    </Note>
+    
+    ## Add your OAuth application credentials to Infisical
+    
+    Obtain the **Client ID** and generate a new **Client Secret** for your GitHub OAuth application.
+   
+   ![integrations github config](../../images/integrations/github/integrations-github-config-credentials.png) 
+   
+   Back in your Infisical instance, add two new environment variables for the credentials of your GitHub OAuth application:
+
+   - `CLIENT_ID_GITHUB`: The **Client ID** of your GitHub OAuth application.
+   - `CLIENT_SECRET_GITHUB`: The **Client Secret** of your GitHub OAuth application.
+   
+  Once added, restart your Infisical instance and use the GitHub integration.
+   
+  </Tab>
+</Tabs>

--- a/docs/integrations/cicd/gitlab.mdx
+++ b/docs/integrations/cicd/gitlab.mdx
@ -3,12 +3,14 @@ title: "GitLab"
 description: "How to sync secrets from Infisical to GitLab"
 ---

-Prerequisites:
+<Tabs>
+  <Tab title="Usage">
+  Prerequisites:

 - Set up and add envars to [Infisical Cloud](https://app.infisical.com)

-<Tabs>
-  <Tab title="Standard">
+<AccordionGroup>
+  <Accordion title="Standard">
  ## Navigate to your project's integrations tab

 ![integrations](../../images/integrations.png)
@ -17,7 +19,7 @@ Prerequisites:

 Press on the GitLab tile and grant Infisical access to your GitLab account.

-![integrations gitlab authorization](../../images/integrations-gitlab-auth.png)
+![integrations gitlab authorization](../../images/integrations/gitlab/integrations-gitlab-auth.png)

 <Info>
  If this is your project's first cloud integration, then you'll have to grant
@ -29,13 +31,11 @@ Press on the GitLab tile and grant Infisical access to your GitLab account.

 Select which Infisical environment secrets you want to sync to which GitLab repository and press create integration to start syncing secrets to GitLab.

-![integrations gitlab](../../images/integrations-gitlab-create.png)
-![integrations gitlab](../../images/integrations-gitlab.png)
-
-  </Tab>
-  <Tab title="Pipeline">
-
-## Generate service token
+![integrations gitlab](../../images/integrations/gitlab/integrations-gitlab-create.png)
+![integrations gitlab](../../images/integrations/gitlab/integrations-gitlab.png)
+  </Accordion>
+  <Accordion title="Pipeline">
+  ## Generate service token

 Generate an [Infisical Token](/documentation/platform/token) for the specific project and environment in Infisical.

@ -65,6 +65,42 @@ build-job:
    - apt-get update && apt-get install -y infisical
    - infisical run -- npm run build
 ```
+  </Accordion>
+</AccordionGroup>
+  </Tab>
+  <Tab title="Self-Hosted Setup">
+  Using the GitLab integration on a self-hosted instance of Infisical requires configuring an application in GitLab
+  and registering your instance with it.

+  ## Create an OAuth application in GitLab
+    
+    Navigate to your user Settings > Applications to create a new GitLab application.
+   
+   ![integrations gitlab config](../../images/integrations/gitlab/integrations-gitlab-config-edit-profile.png) 
+   ![integrations gitlab config](../../images/integrations/gitlab/integrations-gitlab-config-new-app.png) 
+    
+    Create the application. As part of the form, set the **Redirect URI** to `https://your-domain.com/integrations/gitlab/oauth2/callback`.
+
+   ![integrations gitlab config](../../images/integrations/gitlab/integrations-gitlab-config-new-app-form.png) 
+   
+    <Note>
+      If you have a GitLab group, you can create an OAuth application under it
+      in your group Settings > Applications.
+    </Note>
+   
+   ## Add your OAuth application credentials to Infisical
+   
+   Obtain the **Application ID** and **Secret** for your GitLab application.
+   
+   ![integrations gitlab config](../../images/integrations/gitlab/integrations-gitlab-config-credentials.png) 
+   
+   Back in your Infisical instance, add two new environment variables for the credentials of your GitLab application:
+
+   - `CLIENT_ID_GITLAB`: The **Client ID** of your GitLab application.
+   - `CLIENT_SECRET_GITLAB`: The **Client Secret** of your GitLab application.
+   
+  Once added, restart your Infisical instance and use the GitLab integration.
+  
  </Tab>
 </Tabs>
+
--- a/docs/integrations/cloud/azure-key-vault.mdx
+++ b/docs/integrations/cloud/azure-key-vault.mdx
@ -3,7 +3,9 @@ title: "Azure Key Vault"
 description: "How to sync secrets from Infisical to Azure Key Vault"
 ---

-Prerequisites:
+<Tabs>
+  <Tab title="Usage">
+  Prerequisites:

 - Set up and add envars to [Infisical Cloud](https://app.infisical.com)
 - Set up Azure and have an existing key vault
@ -20,13 +22,13 @@ Press on the Azure Key Vault tile and grant Infisical access to Azure Key Vault.

 Obtain the Vault URI of your key vault in the Overview tab.

-![integrations](../../images/integrations-azure-key-vault-vault-uri.png)
+![integrations](../../images/integrations/azure-key-vault/integrations-azure-key-vault-vault-uri.png)

 Select which Infisical environment secrets you want to sync to your key vault. Then, input your Vault URI from the previous step. Finally, press create integration to start syncing secrets to Azure Key Vault.

-![integrations](../../images/integrations-azure-key-vault-create.png)
+![integrations](../../images/integrations/azure-key-vault/integrations-azure-key-vault-create.png)

-![integrations](../../images/integrations-azure-key-vault.png)
+![integrations](../../images/integrations/azure-key-vault/integrations-azure-key-vault.png)

 <Info>
  If this is your project's first cloud integration, then you'll have to grant
@ -34,3 +36,38 @@ Select which Infisical environment secrets you want to sync to your key vault. T
  breaks E2EE, it's necessary for Infisical to sync the environment variables to
  the cloud platform.
 </Info>
+  </Tab>
+  <Tab title="Self-Hosted Setup">
+  Using the Azure KV integration on a self-hosted instance of Infisical requires configuring an application in Azure
+  and registering your instance with it.
+  
+  ## Create an application in Azure
+  
+  Navigate to Azure Active Directory > App registrations to create a new application.
+  
+   ![integrations Azure KV config](../../images/integrations/azure-key-vault/integrations-azure-key-vault-config-aad.png) 
+   ![integrations Azure KV config](../../images/integrations/azure-key-vault/integrations-azure-key-vault-config-new-app.png) 
+
+    Create the application. As part of the form, set the **Redirect URI** to `https://your-domain.com/integrations/azure-key-vault/oauth2/callback`.
+   
+   ![integrations Azure KV config](../../images/integrations/azure-key-vault/integrations-azure-key-vault-config-new-app-form.png) 
+   
+   ## Add your application credentials to Infisical
+   
+   Obtain the **Application (Client) ID** in Overview and generate a **Client Secret** in Certificate & secrets for your Azure application.
+
+   ![integrations Azure KV config](../../images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-1.png) 
+   ![integrations Azure KV config](../../images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-2.png) 
+   ![integrations Azure KV config](../../images/integrations/azure-key-vault/integrations-azure-key-vault-config-credentials-3.png) 
+   
+   Back in your Infisical instance, add two new environment variables for the credentials of your Azure application.
+
+   - `CLIENT_ID_AZURE`: The **Application (Client) ID** of your Azure application.
+   - `CLIENT_SECRET_AZURE`: The **Client Secret** of your Azure application.
+   
+  Once added, restart your Infisical instance and use the Azure KV integration.
+
+  
+  </Tab>
+</Tabs>
+
--- a/docs/integrations/cloud/gcp-secret-manager.mdx
+++ b/docs/integrations/cloud/gcp-secret-manager.mdx
@ -3,7 +3,9 @@ title: "GCP Secret Manager"
 description: "How to sync secrets from Infisical to GCP Secret Manager"
 ---

-Prerequisites:
+<Tabs>
+  <Tab title="Usage">
+  Prerequisites:

 - Set up and add envars to [Infisical Cloud](https://app.infisical.com)

@ -15,7 +17,7 @@ Prerequisites:

 Press on the GCP Secret Manager tile and grant Infisical access to GCP.

-![integrations GCP authorization](../../images/integrations-gcp-secret-manager-auth.png)
+![integrations GCP authorization](../../images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-auth.png)

 <Info>
  If this is your project's first cloud integration, then you'll have to grant
@ -28,10 +30,42 @@ Press on the GCP Secret Manager tile and grant Infisical access to GCP.

 Select which Infisical environment secrets you want to sync to which GCP secret manager project. Lastly, press create integration to start syncing secrets to GCP secret manager.

-![integrations GCP secret manager](../../images/integrations-gcp-secret-manager-create.png)
-![integrations GCP secret manager](../../images/integrations-gcp-secret-manager.png)
+![integrations GCP secret manager](../../images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-create.png)
+![integrations GCP secret manager](../../images/integrations/gcp-secret-manager/integrations-gcp-secret-manager.png)

 <Warning>
    Using Infisical to sync secrets to GCP Secret Manager requires that you enable
    the Service Usage API in the Google Cloud project you want to sync secrets to. More on that [here](https://cloud.google.com/service-usage/docs/set-up-development-environment).
-</Warning>
+</Warning>
+  </Tab>
+  <Tab title="Self-Hosted Setup">
+  Using the GCP Secret Manager integration on a self-hosted instance of Infisical requires configuring an OAuth2 application in GCP
+  and registering your instance with it.
+  
+  ## Create an OAuth2 application in GCP
+  
+  Navigate to your project API & Services > Credentials to create a new OAuth2 application.
+   
+   ![integrations GCP secret manager config](../../images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-api-services.png) 
+   ![integrations GCP secret manager config](../../images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-new-app.png) 
+    
+    Create the application. As part of the form, add to **Authorized redirect URIs**: `https://your-domain.com/integrations/gitlab/oauth2/callback`.
+   
+   ![integrations GCP secret manager config](../../images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-new-app-form.png) 
+   
+   ## Add your OAuth2 application credentials to Infisical
+   
+   Obtain the **Client ID** and **Client Secret** for your GCP OAuth2 application.
+   
+   ![integrations GCP secret manager config](../../images/integrations/gcp-secret-manager/integrations-gcp-secret-manager-config-credentials.png) 
+   
+   Back in your Infisical instance, add two new environment variables for the credentials of your GCP OAuth2 application:
+
+   - `CLIENT_ID_GCP_SECRET_MANAGER`: The **Client ID** of your GCP OAuth2 application.
+   - `CLIENT_SECRET_GCP_SECRET_MANAGER`: The **Client Secret** of your GCP OAuth2 application.
+   
+  Once added, restart your Infisical instance and use the GCP Secret Manager integration.
+
+  </Tab>
+</Tabs>
+
--- a/docs/integrations/cloud/heroku.mdx
+++ b/docs/integrations/cloud/heroku.mdx
@ -3,7 +3,9 @@ title: "Heroku"
 description: "How to sync secrets from Infisical to Heroku"
 ---

-Prerequisites:
+<Tabs>
+  <Tab title="Usage">
+  Prerequisites:

 - Set up and add envars to [Infisical Cloud](https://app.infisical.com)

@ -15,7 +17,7 @@ Prerequisites:

 Press on the Heroku tile and grant Infisical access to your Heroku account.

-![integrations heroku authorization](../../images/integrations-heroku-auth.png)
+![integrations heroku authorization](../../images/integrations/heroku/integrations-heroku-auth.png)

 <Info>
  If this is your project's first cloud integration, then you'll have to grant
@ -28,5 +30,38 @@ Press on the Heroku tile and grant Infisical access to your Heroku account.

 Select which Infisical environment secrets you want to sync to which Heroku app and press create integration to start syncing secrets to Heroku.

-![integrations heroku](../../images/integrations-heroku-create.png)
-![integrations heroku](../../images/integrations-heroku.png)
+![integrations heroku](../../images/integrations/heroku/integrations-heroku-create.png)
+![integrations heroku](../../images/integrations/heroku/integrations-heroku.png)
+  </Tab>
+  <Tab title="Self-Hosted Setup">
+  Using the Heroku integration on a self-hosted instance of Infisical requires configuring an API client in Heroku
+  and registering your instance with it.
+  
+  ## Create an API client in Heroku
+  
+  Navigate to your user Account settings > Applications to create a new API client.
+
+   ![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-settings.png) 
+   ![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-applications.png) 
+   ![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-new-app.png) 
+   
+    Create the API client. As part of the form, set the **OAuth callback URL** to `https://your-domain.com/integrations/heroku/oauth2/callback`.
+
+   ![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-new-app-form.png) 
+   
+   ## Add your Heroku API client credentials to Infisical
+   
+   Obtain the **Client ID** and **Client Secret** for your Heroku API client.
+   
+   ![integrations Heroku config](../../images/integrations/heroku/integrations-heroku-config-credentials.png) 
+   
+   Back in your Infisical instance, add two new environment variables for the credentials of your Heroku API client.
+
+   - `CLIENT_ID_HEROKU`: The **Client ID** of your Heroku API client.
+   - `CLIENT_SECRET_HEROKU`: The **Client Secret** of your Heroku API client.
+   
+  Once added, restart your Infisical instance and use the Heroku integration.
+
+  </Tab>
+</Tabs>
+
--- a/docs/integrations/cloud/netlify.mdx
+++ b/docs/integrations/cloud/netlify.mdx
@ -3,7 +3,9 @@ title: "Netlify"
 description: "How to sync secrets from Infisical to Netlify"
 ---

-<Warning>
+<Tabs>
+  <Tab title="Usage">
+  <Warning>
  Infisical integrates with Netlify's new environment variable experience. If
  your site uses Netlify's old environment variable experience, you'll have to
  upgrade it to the new one to use this integration.
@ -21,7 +23,7 @@ Prerequisites:

 Press on the Netlify tile and grant Infisical access to your Netlify account.

-![integrations netlify authorization](../../images/integrations-netlify-auth.png)
+![integrations netlify authorization](../../images/integrations/netlify/integrations-netlify-auth.png)

 <Info>
  If this is your project's first cloud integration, then you'll have to grant
@ -34,5 +36,37 @@ Press on the Netlify tile and grant Infisical access to your Netlify account.

 Select which Infisical environment secrets you want to sync to which Netlify app and context. Lastly, press create integration to start syncing secrets to Netlify.

-![integrations netlify](../../images/integrations-netlify-create.png)
-![integrations netlify](../../images/integrations-netlify.png)
+![integrations netlify](../../images/integrations/netlify/integrations-netlify-create.png)
+![integrations netlify](../../images/integrations/netlify/integrations-netlify.png)
+
+  </Tab>
+  <Tab title="Self-Hosted Setup">
+    Using the Netlify integration on a self-hosted instance of Infisical requires configuring an OAuth application in Netlify
+  and registering your instance with it.
+  
+  ## Create an OAuth application in Netlify
+  
+  Navigate to your User settings > Applications > OAuth to create a new OAuth application.
+  
+   ![integrations Netlify config](../../images/integrations/netlify/integrations-netlify-config-user-settings.png) 
+   ![integrations Netlify config](../../images/integrations/netlify/integrations-netlify-config-new-app.png) 
+    
+    Create the OAuth application. As part of the form, set the **Redirect URI** to `https://your-domain.com/integrations/netlify/oauth2/callback`.
+
+   ![integrations Netlify config](../../images/integrations/netlify/integrations-netlify-config-new-app-form.png) 
+
+   ## Add your Netlify OAuth application credentials to Infisical
+   
+   Obtain the **Client ID** and **Secret** for your Netlify OAuth application.
+   
+   ![integrations Netlify config](../../images/integrations/netlify/integrations-netlify-config-credentials.png) 
+   
+   Back in your Infisical instance, add two new environment variables for the credentials of your Netlify OAuth application.
+
+   - `CLIENT_ID_NETLIFY`: The **Client ID** of your Netlify OAuth application.
+   - `CLIENT_SECRET_NETLIFY`: The **Secret** of your Netlify OAuth application.
+   
+  Once added, restart your Infisical instance and use the Netlify integration.
+  </Tab>
+</Tabs>
+
--- a/docs/integrations/cloud/vercel.mdx
+++ b/docs/integrations/cloud/vercel.mdx
@ -3,7 +3,9 @@ title: "Vercel"
 description: "How to sync secrets from Infisical to Vercel"
 ---

-Prerequisites:
+<Tabs>
+  <Tab title="Usage">
+  Prerequisites:

 - Set up and add envars to [Infisical Cloud](https://app.infisical.com)

@ -15,7 +17,7 @@ Prerequisites:

 Press on the Vercel tile and grant Infisical access to your Vercel account.

-![integrations vercel authorization](../../images/integrations-vercel-auth.png)
+![integrations vercel authorization](../../images/integrations/vercel/integrations-vercel-auth.png)

 <Info>
  If this is your project's first cloud integration, then you'll have to grant
@ -28,8 +30,8 @@ Press on the Vercel tile and grant Infisical access to your Vercel account.

 Select which Infisical environment secrets you want to sync to which Vercel app and environment. Lastly, press create integration to start syncing secrets to Vercel.

-![integrations vercel](../../images/integrations-vercel-create.png)
-![integrations vercel](../../images/integrations-vercel.png)
+![integrations vercel](../../images/integrations/vercel/integrations-vercel-create.png)
+![integrations vercel](../../images/integrations/vercel/integrations-vercel.png)

 <Info>
  Infisical syncs every envar to Vercel with type `encrypted` unless an existing
@ -47,3 +49,37 @@ Select which Infisical environment secrets you want to sync to which Vercel app
  `AWS_ACCESS_KEY_ID`, `AWS_SECRET_ACCESS_KEY`, `AWS_SESSION_TOKEN`,
  `AWS_REGION`, and `AWS_DEFAULT_REGION`.
 </Warning>
+  </Tab>
+  <Tab title="Self-Hosted Setup">
+  Using the Vercel integration on a self-hosted instance of Infisical requires configuring an integration in Vercel.
+  and registering your instance with it.
+  
+  ## Create an integration in Vercel
+  
+  Navigate to Integrations > Integration Console to create a new integration.
+  
+   ![integrations Vercel config](../../images/integrations/vercel/integrations-vercel-config-integrations-console.png) 
+   ![integrations Vercel config](../../images/integrations/vercel/integrations-vercel-config-new-app.png) 
+    
+    Create the application. As part of the form, set **Redirect URL** to `https://your-domain.com/integrations/vercel/oauth2/callback`. Also,
+    be sure to set the API Scopes according to the second screenshot below.
+   
+   ![integrations Vercel config](../../images/integrations/vercel/integrations-vercel-config-new-app-form-1.png) 
+   ![integrations Vercel config](../../images/integrations/vercel/integrations-vercel-config-new-app-form-2.png) 
+   
+   ## Add your Vercel integration credentials to Infisical
+   
+   Obtain the **Client (Integration) ID** and **Client (Integration) Secret** for your Vercel integration.
+
+   ![integrations Vercel config](../../images/integrations/vercel/integrations-vercel-config-credentials.png) 
+   
+   Back in your Infisical instance, add two new environment variables for the credentials of your Vercel integration.
+
+   - `CLIENT_ID_VERCEL`: The **Client (Integration) ID** of your Vercel integration.
+   - `CLIENT_SECRET_VERCEL`: The **Client (Integration) Secret** of your Vercel integration.
+   
+  Once added, restart your Infisical instance and use the Vercel integration.
+
+  </Tab>
+</Tabs>
+