From 237ea3aedd6914bde6ed273fe83f16f84eba3ff7 Mon Sep 17 00:00:00 2001 From: Jason Rasmussen Date: Thu, 5 Feb 2026 09:00:00 -0500 Subject: [PATCH] chore: update oauth documentation (#25907) * chore: prefer lowercase for non i18n labels * chore: update documentation --- docs/docs/administration/oauth.md | 12 +++++++----- .../components/admin-settings/AuthSettings.svelte | 14 +++++++------- 2 files changed, 14 insertions(+), 12 deletions(-) diff --git a/docs/docs/administration/oauth.md b/docs/docs/administration/oauth.md index 47f4a96c6a..d0a9ce733e 100644 --- a/docs/docs/administration/oauth.md +++ b/docs/docs/administration/oauth.md @@ -56,11 +56,13 @@ Once you have a new OAuth client application configured, Immich can be configure | Setting | Type | Default | Description | | ---------------------------------------------------- | ------- | -------------------- | ----------------------------------------------------------------------------------- | | Enabled | boolean | false | Enable/disable OAuth | -| Issuer URL | URL | (required) | Required. Self-discovery URL for client (from previous step) | -| Client ID | string | (required) | Required. Client ID (from previous step) | -| Client Secret | string | (required) | Required. Client Secret (previous step) | -| Scope | string | openid email profile | Full list of scopes to send with the request (space delimited) | -| Signing Algorithm | string | RS256 | The algorithm used to sign the id token (examples: RS256, HS256) | +| `issuer_url` | URL | (required) | Required. Self-discovery URL for client (from previous step) | +| `client_id` | string | (required) | Required. Client ID (from previous step) | +| `client_secret` | string | (required) | Required. Client Secret (previous step) | +| `scope` | string | openid email profile | Full list of scopes to send with the request (space delimited) | +| `id_token_signed_response_alg` | string | RS256 | The algorithm used to sign the id token (examples: RS256, HS256) | +| `userinfo_signed_response_alg` | string | none | The algorithm used to sign the userinfo response (examples: RS256, HS256) | +| Request timeout | string | 30,000 (30 seconds) | Number of milliseconds to wait for http requests to complete before giving up | | Storage Label Claim | string | preferred_username | Claim mapping for the user's storage label**¹** | | Role Claim | string | immich_role | Claim mapping for the user's role. (should return "user" or "admin")**¹** | | Storage Quota Claim | string | immich_quota | Claim mapping for the user's storage**¹** | diff --git a/web/src/lib/components/admin-settings/AuthSettings.svelte b/web/src/lib/components/admin-settings/AuthSettings.svelte index 098ce23259..aec1761998 100644 --- a/web/src/lib/components/admin-settings/AuthSettings.svelte +++ b/web/src/lib/components/admin-settings/AuthSettings.svelte @@ -105,7 +105,7 @@