advise people to use OIDC_WELLKNOWN

Huskydog9988
2026-02-10 21:23:30 -05:00
parent 5dfcd89002
commit d5ae4181aa
@@ -8,7 +8,7 @@ OpenID Connect is a OAuth2 extension support by most identity providers.
To configure OIDC, you must set the following environment variables:
| Variable | Usage |
| Variable | Description |
| ------------------------------------ | -------------------------------------------------------------------------------------------------------------------------------------- |
| `OIDC_CLIENT_ID` | Client ID from your identity provider. |
| `OIDC_CLIENT_SECRET` | Client secret from your identity provider. |
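Review bot: The sentence shown in this hunk's header context, "OpenID Connect is a OAuth2 extension support by most identity providers.", still has two errors and is worth fixing while this section is being touched: it should read "an OAuth2 extension supported by most identity providers". The column rename from "Usage" to "Description" is consistent with the same rename on the second table further down.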
@@ -25,13 +25,19 @@ And then, you must configure **either**:
#### Use `OIDC_WELLKNOWN`
A unprotected endpoint that returns a OIDC well-known JSON. Fetched on startup
A unprotected endpoint that returns a OIDC well-known JSON. Fetched on startup.
For example if you used authentik, your OIDC well-known endpoint would be: `https://authentik.company/application/o/<slug>/.well-known/openid-configuration`.
---
#### Provide options individually
| Variable | Usage |
:::caution
Drop recommends using the OIDC well-known option **instead** of manually specifying each endpoint. This should only be used if your OIDC provider does not support the well-known format.
:::
| Variable | Description |
| -------------------- | ------------------------------------------------------------------------- |
| `OIDC_AUTHORIZATION` | Authorization endpoint. Usually ends with `authorize`. |
| `OIDC_TOKEN` | Token endpoint. Usually ends with `token`. |
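Review bot: In the new caution block, "This should only be used if your OIDC provider does not support the well-known format" follows a sentence about the well-known option, so "This" reads as pointing at `OIDC_WELLKNOWN` rather than at the individual variables; suggest "Only set these variables individually if your OIDC provider does not support the well-known format." In the `OIDC_WELLKNOWN` description, the added line only appends a period and leaves "A unprotected" and "a OIDC" in place (should be "An unprotected" and "an OIDC"), and "unprotected" would be clearer as "unauthenticated", meaning reachable without credentials. Because the text says the document is fetched on startup, it would also help to state what happens when that fetch fails, and to note that the URL should be `https://` as in the authentik example, since the endpoints used for login are taken from that document. "For example if you used authentik" needs a comma after "For example".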