Closed
23 changes: 12 additions & 11 deletions versioned_docs/version-0.3.0/authentication/oidc.md
Expand Up @@ -6,21 +6,22 @@ OpenID Connect is a OAuth2 extension support by most identity providers.

To configure OIDC, you must set the following environment variables:

| Variable | Usage |
| -------------------------------- | --------------------------------------------------------------------------------------------------- |
| `OIDC_CLIENT_ID` | Client ID from your identity provider. |
| `OIDC_CLIENT_SECRET` | Client secret from your identity provider. |
| `OIDC_ADMIN_GROUP` | Grant admin to users with this group configured in your identity provider. Tested with Authentik. |
| `DISABLE_SIMPLE_AUTH` (optional) | Disable simple auth |
| `OIDC_USERNAME_CLAIM` (optional) | Change the field that Drop pulls the username claim from. Users are merged based on their usernames |
| Variable | Usage |
| -------------------------------- | ----------------------------------------------------------------------------------------------------------- |
| `OIDC_CLIENT_ID` | Client ID from your identity provider. |
| `OIDC_CLIENT_SECRET` | Client secret from your identity provider. |
| `OIDC_ADMIN_GROUP` | Grant admin to users with this group configured in your identity provider. Tested with Authentik. |
| `DISABLE_SIMPLE_AUTH` (optional) | Disable simple auth |
| `OIDC_USERNAME_CLAIM` (optional) | Change the field that Drop pulls the username claim from. Users are merged based on their usernames |
| `OIDC_PROVIDER_NAME` (optional) | Change the name of the oidc provider that is displayed on the sign-in page. Default is `external provider`. |

And then, you must configure **either**:

#### `OIDC_WELLKNOWN`: A unprotected endpoint that returns a OIDC well-known JSON. Fetched on startup.
#### `OIDC_WELLKNOWN`: A unprotected endpoint that returns a OIDC well-known JSON. Fetched on startup

---

#### Individual endpoints:
#### Individual endpoints

| Variable | Usage |
| -------------------- | ------------------------------------------------------------------------- |
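Review bot: In the new `OIDC_PROVIDER_NAME` row, "oidc provider" should be written "OIDC provider" to match the rest of the table. The `OIDC_WELLKNOWN` heading is touched here only to drop the trailing period, which leaves "A unprotected endpoint that returns a OIDC well-known JSON" in place; since the line is being edited anyway, change it to "An unprotected endpoint that returns an OIDC well-known JSON". The `OIDC_USERNAME_CLAIM` row is reflowed without a wording change, and because it states that users are merged based on their usernames, it would be worth adding that the chosen claim should be one the identity provider keeps unique and that users cannot change themselves.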
Expand All @@ -29,6 +30,6 @@ And then, you must configure **either**:
| `OIDC_USERINFO` | Userinfo endpoint. Usually ends with `userinfo`. |
| `OIDC_SCOPES` | Comma separated list of scopes. Requires, at least, `openid` and `email`. |


## Redirect URL
Drop uses the `EXTERNAL_URL` environment variable to create the callback URL: `$EXTERNAL_URL/auth/callback/oidc`.

Drop uses the `EXTERNAL_URL` environment variable to create the callback URL: `$EXTERNAL_URL/auth/callback/oidc`.
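Review bot: The `## Redirect URL` section gets only a blank-line fix and still does not say that `$EXTERNAL_URL/auth/callback/oidc` has to be registered as an allowed redirect URI at the identity provider; suggest adding one sentence to that effect while the section is being touched. In the context rows above it, `OIDC_SCOPES` lists `openid` and `email` as the minimum, while `OIDC_ADMIN_GROUP` depends on group information, so the docs should state which scope or claim Drop reads groups from.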