forked from vikunja/vikunja
docs: implement requested doc changes
This commit is contained in:
parent
fe262014d3
commit
6987ddae2a
@ -28,7 +28,6 @@ openid:
|
||||
authurl: https://login.mydomain.com
|
||||
clientid: <vikunja-id>
|
||||
clientsecret: <vikunja secret>
|
||||
scope: openid email profile
|
||||
```
|
||||
|
||||
Authelia config:
|
||||
@ -58,7 +57,6 @@ openid:
|
||||
authurl: https://accounts.google.com
|
||||
clientid: <google-oauth-client-id>
|
||||
clientsecret: <google-oauth-client-secret>
|
||||
scope: openid email profile
|
||||
```
|
||||
|
||||
Google config:
|
||||
@ -82,7 +80,6 @@ openid:
|
||||
logouturl: https://keycloak.mydomain.com/realms/<relam-name>/protocol/openid-connect/logout
|
||||
clientid: <vikunja-id>
|
||||
clientsecret: <vikunja secret>
|
||||
scope: openid email profile
|
||||
```
|
||||
Keycloak Config:
|
||||
- Navigate to the keycloak instance
|
||||
@ -112,11 +109,9 @@ auth:
|
||||
logouturl: "https://authentik.mydomain.com/application/o/vikunja/end-session/"
|
||||
clientid: "" # copy from Authetik
|
||||
clientsecret: "" # copy from Authentik
|
||||
scope: openid email profile
|
||||
```
|
||||
|
||||
**Note:** The `authurl` that Vikunja requires is not the `Authorize URL` that you can see in the Provider.
|
||||
Vikunja uses OpenID Discovery to find the correct endpoint to use.
|
||||
Vikunja does this automatically by accessing the `OpenID Configuration URL` (usually `https://authentik.mydomain.com/application/o/vikunja/.well-known/openid-configuration`).
|
||||
OpenID Discovery is used to find the correct endpoint to use automatically, by accessing the `OpenID Configuration URL` (usually `https://authentik.mydomain.com/application/o/vikunja/.well-known/openid-configuration`).
|
||||
Use this URL without the `.well-known/openid-configuration` as the `authurl`.
|
||||
Typically this URL can be found in the metadata section within your identity provider.
|
||||
|
@ -55,7 +55,7 @@ More detailled instructions for various different identity providers can be [fou
|
||||
|
||||
### Step 2: Configure Vikunja
|
||||
|
||||
Vikunja has to be configured to use the identity provider. The general configuration is structured as follows:
|
||||
Vikunja has to be configured to use the identity provider. Please note that there is currently no option to configure these settings via environment variables, they have to be defined using the configuration file. The configuration schema is as follows:
|
||||
|
||||
```yaml
|
||||
auth:
|
||||
@ -73,7 +73,7 @@ auth:
|
||||
The values for `authurl` can be obtained from the Metadata of your provider, while `clientid` and `clientsecret` are obtained when configuring the client.
|
||||
The scope usually doesn't need to be specified or changed, unless you want to configure the automatic team assignment.
|
||||
|
||||
Once you're confident that the external authentication works and you want to disable local accounts, this can be done by configuring:
|
||||
Optionally it is possible to disable local authentication and therefore forcing users to login via OpenID connect:
|
||||
|
||||
```yaml
|
||||
auth:
|
||||
|
Loading…
x
Reference in New Issue
Block a user