From fc579bd2bc5406abcaa9f8dfffe4232a2e256116 Mon Sep 17 00:00:00 2001 From: otaconix Date: Fri, 30 Jun 2023 12:58:20 +0200 Subject: Allow choosing the OIDC remote user claim and scopes to request from the identity provider (#5481) * Allow choosing the OIDC remote user claim and scopes to request from the identity provider * Added comment to explain how checking whether an environment variable is set is done * Use apostrophe's instead of single quotes for verb contractions in docs * Move variables used for checking presence of environment variables inside IfDefine block --- docs/en/admins/16_OpenID-Connect.md | 2 ++ 1 file changed, 2 insertions(+) (limited to 'docs') diff --git a/docs/en/admins/16_OpenID-Connect.md b/docs/en/admins/16_OpenID-Connect.md index 16adb4532..287aa21ef 100644 --- a/docs/en/admins/16_OpenID-Connect.md +++ b/docs/en/admins/16_OpenID-Connect.md @@ -20,6 +20,8 @@ OIDC support in Docker is activated by the presence of a non-empty non-zero `OID * `OIDC_CLIENT_ID`: The OIDC client id from your issuer. * `OIDC_CLIENT_SECRET`: The OIDC client secret issuer. * `OIDC_CLIENT_CRYPTO_KEY`: An opaque key used for internal encryption. +* `OIDC_REMOTE_USER_CLAIM`: The claim to use as the username within FreshRSS. Defaults to `preferred_username`. Depending on what you choose here, and your identity provider, you’ll need to adjust the scopes you request so that this claim will be accessible. Refer to your identity provider’s documentation. +* `OIDC_SCOPES`: The OIDC scopes to request. Defaults to `openid`. As mentioned previously, make sure the scopes you pick contain whatever `OIDC_REMOTE_USER_CLAIM` you chose. You may add additional custom configuration in a new `./FreshRSS/p/i/.htaccess` file. -- cgit v1.2.3