mirror of
https://github.com/mealie-recipes/mealie.git
synced 2025-07-09 03:04:54 -04:00
clarify docs
This commit is contained in:
parent
7df34890d4
commit
9270e22f19
@ -13,7 +13,7 @@ Signing in with OAuth will automatically find your account in Mealie and link to
|
||||
|
||||
## Provider Setup
|
||||
|
||||
Before you can start using OIDC Authentication, you must first configure a new client application in your identity provider. Your identity provider must support the OAuth **Authorization Code** flow (with PKCE). The steps will vary by provider, but generally, the steps are as follows.
|
||||
Before you can start using OIDC Authentication, you must first configure a new client application in your identity provider. Your identity provider must support the OAuth **Authorization Code flow with PKCE**. The steps will vary by provider, but generally, the steps are as follows.
|
||||
|
||||
1. Create a new client application
|
||||
- The Provider type should be OIDC or OAuth2
|
||||
|
@ -85,8 +85,8 @@ For usage, see [Usage - OpenID Connect](../authentication/oidc.md)
|
||||
| OIDC_SIGNUP_ENABLED | True | Enables new users to be created when signing in for the first time with OIDC |
|
||||
| OIDC_CONFIGURATION_URL | None | The URL to the OIDC configuration of your provider. This is usually something like https://auth.example.com/.well-known/openid-configuration |
|
||||
| OIDC_CLIENT_ID | None | The client id of your configured client in your provider |
|
||||
| OIDC_USER_GROUP| None | If specified, this group must be present in the user's group claim in order to authenticate |
|
||||
| OIDC_ADMIN_GROUP | None | If this group is present in the group claims, the user will be set as an admin |
|
||||
| OIDC_USER_GROUP| None | If specified, only users belonging to this group will be able to successfully authenticate, regardless of the OIDC_ADMIN_GROUP |
|
||||
| OIDC_ADMIN_GROUP | None | If specified, users belonging to this group will be made an admin |
|
||||
| OIDC_AUTO_REDIRECT | False | If `True`, then the login page will be bypassed an you will be sent directly to your Identity Provider. You can still get to the login page by adding `?direct=1` to the login URL |
|
||||
| OIDC_PROVIDER_NAME | OAuth | The provider name is shown in SSO login button. "Login with <OIDC_PROVIDER_NAME\>" |
|
||||
| OIDC_REMEMBER_ME | False | Because redirects bypass the login screen, you cant extend your session by clicking the "Remember Me" checkbox. By setting this value to true, a session will be extended as if "Remember Me" was checked |
|
||||
|
Loading…
x
Reference in New Issue
Block a user