KJZH001/nezhahq.github.io
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
nezhahq.github.io/docs/en_US/guide/q10.md
Tao Chen bc600e000d
add oidc config (#79) 
* add oidc config

* add oidc config to separated page

* add oidc configuraton link to dashboard page

* add oidc configuration page to en_US

* Update dashboard.md

* Update dashboard.md

* Update dashboard.md

* Update dashboard.md

---------

Co-authored-by: Kris <116849421+cantoblanco@users.noreply.github.com>
2024-07-14 02:17:22 +02:00

23 lines
1.8 KiB
Markdown
Raw Blame History

---
outline: deep
---
# OIDC Configuration
Edit `config.ymal` to enable **OIDC**
```yaml
oauth2:
type: oidc # (Required) Specifies the authentication type as OIDC
oidcDisplayName: OIDC # (Optional, default is OIDC) The name displayed on the login page button
admin: "" # (At least one of admin or adminGroups must be provided; default is empty) List of admin usernames, separated by commas. If a user is one of these, they will be considered an admin
adminGroups: "" # (At least one of admin or adminGroups must be provided; default is empty) List of admin groups, separated by commas. If a user belongs to one of these groups, they will be considered an admin. Can be left blank if not using group management
clientid: # (Required) OIDC client ID
clientsecret: # (Required) OIDC client secret
oidcIssuer: https://auth.example.com/realms/master # (Required) The issuer URL of the OIDC provider, can be found from the OIDC provider
# oidcLogoutUrl: https://auth.example.com/realms/master/protocol/openid-connect/logout # (Has a bug, currently not working)
# oidcRegisterUrl: # (Optional) Registration URL of the OIDC provider
oidcScopes: openid,profile,email # (Optional, default is openid,profile,email) Scopes requested from OIDC, separated by commas
oidcLoginClaim: sub # (Optional, default is sub) The username field returned from OIDC, can be preferred_username, sub, or email
oidcGroupsClaim: groups # (Required if using adminGroups; default is groups) The field returned from OIDC containing user group information, can be groups or roles
oidcAutoCreate: false # (Optional, default is false) Whether to automatically create a user if they do not exist
oidcAutoLogin: false # (Optional, default is false) Automatically redirect to the OIDC login page when the URL is /login
```
Reference in New Issue View Git Blame Copy Permalink