tiny changes in openid.md
continuous-integration/drone/pr Build is passing
Details
continuous-integration/drone/pr Build is passing
Details
This commit is contained in:
parent
8dee24bb25
commit
88b13f68c6
|
|
@ -5,7 +5,7 @@ See below for setup instructions.
|
|||
|
||||
To distinguish between teams created in Vikunja and teams generated automatically via oidc, generated teams have an `oidcID` assigned internally.
|
||||
|
||||
## Setup for atuhentik
|
||||
## Setup for authentik
|
||||
|
||||
To configure automatic team management through authentik, we assume you have already set up Authentik as an oidc provider for authentication with Vikunja.
|
||||
|
||||
|
|
@ -24,8 +24,9 @@ for group in request.user.ak_groups.all():
|
|||
return groupsDict
|
||||
```
|
||||
|
||||
```
|
||||
output example:
|
||||
|
||||
```
|
||||
{
|
||||
"vikunja_groups": [
|
||||
{
|
||||
|
|
@ -42,30 +43,26 @@ output example:
|
|||
Now when you log into Vikunja via oidc there will be a list of scopes you are claiming from your oidc provider.
|
||||
You should see the description you entered in the oidc provider's admin area.
|
||||
|
||||
Log in and go to teams.
|
||||
You should see "(sso: XXXXX)" written next to each team you were asigned through oidc.
|
||||
Proceed to vikunja and go to teams.
|
||||
You should see "(sso: *your_oidcID*)" written next to each team you were asigned through oidc.
|
||||
|
||||
## IMPORTANT NOTES:
|
||||
* **SSO/OIDC teams cannot be edited.**
|
||||
## Important Notes:
|
||||
* SSO/OIDC teams cannot be edited.
|
||||
|
||||
* **It is required to deliver the key "vikunja_groups" via your custom_scope since this is the key vikunja is looking for to start the procedure.**
|
||||
* It is required to deliver the key "vikunja_groups" via your custom_scope since this is the key vikunja is looking for to start the procedure.
|
||||
|
||||
* **Additionally, make sure to deliver an "oidcID" and a "name" attribute in the oidc token.**
|
||||
* Additionally, make sure to deliver an "oidcID" and a "name" attribute in the oidc token.
|
||||
|
||||
|
||||
|
||||
---
|
||||
|
||||
## BEHAVIOR
|
||||
## Use cases
|
||||
|
||||
*All examples assume one team called "team 1"*
|
||||
|
||||
1. *Token delivers team.name +team.oidcId and Vikunja team does not exist:* \
|
||||
1. *Token delivers team.name +team.oidc_id and Vikunja team does not exist:* \
|
||||
New team will be created called "team 1" with attribute oidcId: "33929"
|
||||
|
||||
|
||||
2. *In Vikunja Team with name "team 1" already exists in vikunja, but has no oidcID set:* \
|
||||
new team will be created called "team 1" with attribute oidcId: "33929"
|
||||
new team will be created called "team 1" with attribute oidc_id: "33929"
|
||||
|
||||
|
||||
3. *In Vikunja Team with name "team 1" already exists in vikunja, but has different oidcID set:* \
|
||||
|
|
|
|||
Loading…
Reference in New Issue