Drop-OSS/archived-drop-docs
1
0
Fork 0
mirror of https://github.com/Drop-OSS/drop-docs.git synced 2026-01-30 20:55:17 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
cd6c7ff41d1c9451c19b658b385871b67b33c49a
archived-drop-docs/versioned_docs/version-0.3.0/authentication/oidc.md
DecDuck cd6c7ff41d feat: create new 0.3.0 version
2025-07-31 20:23:50 +10:00

1.8 KiB
Raw Blame History

OpenID Connect

OpenID Connect is a OAuth2 extension support by most identity providers.

Configure OpenID Connect

To configure OIDC, you must set the following environment variables:

Variable Usage
OIDC_CLIENT_ID Client ID from your identity provider.
OIDC_CLIENT_SECRET Client secret from your identity provider.
OIDC_ADMIN_GROUP Grant admin to users with this group configured in your identity provider. Tested with Authentik.
DISABLE_SIMPLE_AUTH (optional) Disable simple auth

And then, you must configure either:

OIDC_WELLKNOWN: A unprotected endpoint that returns a OIDC well-known JSON. Fetched on startup.

Individual endpoints:

Variable Usage
OIDC_AUTHORIZATION Authorization endpoint. Usually ends with authorize.
OIDC_TOKEN Token endpoint. Usually ends with token.
OIDC_USERINFO Userinfo endpoint. Usually ends with userinfo.
OIDC_SCOPES Comma separated list of scopes. Requires, at least, openid and email.