archived-drop-docs/versioned_docs/version-0.3.0/authentication/oidc.md
2025-07-31 20:23:50 +10:00


# OpenID Connect

OpenID Connect is an OAuth2 extension supported by most identity providers.

## Configure OpenID Connect

To configure OIDC, you must set the following environment variables:

| Variable | Usage |
| -------------------------------- | ------------------------------------------------------------------------------------------------- |
| `OIDC_CLIENT_ID` | Client ID from your identity provider. |
| `OIDC_CLIENT_SECRET` | Client secret from your identity provider. |
| `OIDC_ADMIN_GROUP` | Grant admin to users with this group configured in your identity provider. Tested with Authentik. |
| `DISABLE_SIMPLE_AUTH` (optional) | Disable simple auth. |

And then, you must configure **either**:

#### `OIDC_WELLKNOWN`: An unprotected endpoint that returns an OIDC well-known JSON. Fetched on startup.

---

#### Individual endpoints:

| Variable | Usage |
| -------------------- | ------------------------------------------------------------------------- |
| `OIDC_AUTHORIZATION` | Authorization endpoint. Usually ends with `authorize`. |
| `OIDC_TOKEN` | Token endpoint. Usually ends with `token`. |
| `OIDC_USERINFO` | Userinfo endpoint. Usually ends with `userinfo`. |
| `OIDC_SCOPES` | Comma-separated list of scopes. Requires, at least, `openid` and `email`. |
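
A pre-flight check for the variables in the tables above, written as an added example; it is not part of this project's documentation or code. The function names, the sample values and the `idp.example.test` host are constructed. Three checks are assumptions added here rather than rules stated on this page: endpoints must be `https`, setting both `OIDC_WELLKNOWN` and individual endpoints is an error, and `OIDC_SCOPES` is checked only in individual-endpoint mode.

```python
import json
from urllib.parse import urlparse

REQUIRED = ("OIDC_CLIENT_ID", "OIDC_CLIENT_SECRET", "OIDC_ADMIN_GROUP")
ENDPOINTS = {  # env variable -> field name in a standard OIDC discovery document
    "OIDC_AUTHORIZATION": "authorization_endpoint",
    "OIDC_TOKEN": "token_endpoint",
    "OIDC_USERINFO": "userinfo_endpoint",
}

def check_url(name, url, problems):
    # Added check (an assumption, not a rule from the page): the client secret
    # and tokens cross these URLs, so a missing or non-https value is reported.
    parts = urlparse(url if isinstance(url, str) else "")
    if parts.scheme != "https" or not parts.netloc:
        problems.append(f"{name} must be an https URL, got {url!r}")

def validate_oidc_env(env, discovery_json=None):
    """Return a list of problems; an empty list means the settings are consistent."""
    problems = [f"{name} is not set" for name in REQUIRED if not env.get(name)]
    wellknown = env.get("OIDC_WELLKNOWN")
    manual = {name: env.get(name) for name in ENDPOINTS}
    if wellknown and any(manual.values()):
        problems.append("both OIDC_WELLKNOWN and individual endpoints are set")
    if wellknown:
        check_url("OIDC_WELLKNOWN", wellknown, problems)
        if discovery_json is not None:  # body the caller fetched from OIDC_WELLKNOWN
            doc = json.loads(discovery_json)
            for field in ENDPOINTS.values():
                check_url(field, doc.get(field), problems)
        return problems
    for name, url in manual.items():
        check_url(name, url, problems)
    scopes = {s.strip() for s in (env.get("OIDC_SCOPES") or "").split(",")}
    for needed in ("openid", "email"):  # the two scopes the table requires
        if needed not in scopes:
            problems.append(f"OIDC_SCOPES is missing {needed!r}")
    return problems

# Constructed sample with two deliberate mistakes: http userinfo, no email scope.
SAMPLE = {"OIDC_CLIENT_ID": "example-client", "OIDC_CLIENT_SECRET": "constructed",
          "OIDC_ADMIN_GROUP": "example-admins", "OIDC_SCOPES": "openid, profile",
          "OIDC_AUTHORIZATION": "https://idp.example.test/authorize",
          "OIDC_TOKEN": "https://idp.example.test/token",
          "OIDC_USERINFO": "http://idp.example.test/userinfo"}

if __name__ == "__main__":
    for problem in validate_oidc_env(SAMPLE):
        print(problem)
```

Pass `os.environ` as `env` to check the real process environment before starting the service.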