مراية لـ
https://github.com/postalserver/postal.git
تم المزامنة 2025-12-01 05:43:04 +00:00
chore(config-docs): update docs for latest oidc defaults
هذا الالتزام موجود في:
Adam Cooke
@@ -98,13 +98,14 @@ This document contains all the environment variables which are available for thi
|
|||||||
| `MIGRATION_WAITER_ATTEMPTS` | Integer | The number of attempts to try waiting for migrations to complete before start | 120 |
|
| `MIGRATION_WAITER_ATTEMPTS` | Integer | The number of attempts to try waiting for migrations to complete before start | 120 |
|
||||||
| `MIGRATION_WAITER_SLEEP_TIME` | Integer | The number of seconds to wait between each migration check | 2 |
|
| `MIGRATION_WAITER_SLEEP_TIME` | Integer | The number of seconds to wait between each migration check | 2 |
|
||||||
| `OIDC_ENABLED` | Boolean | Enable OIDC authentication | false |
|
| `OIDC_ENABLED` | Boolean | Enable OIDC authentication | false |
|
||||||
|
| `OIDC_LOCAL_AUTHENTICATION_ENABLED` | Boolean | When enabled, users with passwords will still be able to login locally. If disable, only OpenID Connect will be available. | true |
|
||||||
| `OIDC_NAME` | String | The name of the OIDC provider as shown in the UI | OIDC Provider |
|
| `OIDC_NAME` | String | The name of the OIDC provider as shown in the UI | OIDC Provider |
|
||||||
| `OIDC_ISSUER` | String | The OIDC issuer URL | |
|
| `OIDC_ISSUER` | String | The OIDC issuer URL | |
|
||||||
| `OIDC_IDENTIFIER` | String | The client ID for OIDC | |
|
| `OIDC_IDENTIFIER` | String | The client ID for OIDC | |
|
||||||
| `OIDC_SECRET` | String | The client secret for OIDC | |
|
| `OIDC_SECRET` | String | The client secret for OIDC | |
|
||||||
| `OIDC_SCOPES` | Array of strings | Scopes to request from the OIDC server. | openid |
|
| `OIDC_SCOPES` | Array of strings | Scopes to request from the OIDC server. | openid,email |
|
||||||
| `OIDC_UID_FIELD` | String | The field to use to determine the user's UID | sub |
|
| `OIDC_UID_FIELD` | String | The field to use to determine the user's UID | sub |
|
||||||
| `OIDC_EMAIL_ADDRESS_FIELD` | String | The field to use to determine the user's email address | sub |
|
| `OIDC_EMAIL_ADDRESS_FIELD` | String | The field to use to determine the user's email address | email |
|
||||||
| `OIDC_NAME_FIELD` | String | The field to use to determine the user's name | name |
|
| `OIDC_NAME_FIELD` | String | The field to use to determine the user's name | name |
|
||||||
| `OIDC_DISCOVERY` | Boolean | Enable discovery to determine endpoints from .well-known/openid-configuration from the Issuer | true |
|
| `OIDC_DISCOVERY` | Boolean | Enable discovery to determine endpoints from .well-known/openid-configuration from the Issuer | true |
|
||||||
| `OIDC_AUTHORIZATION_ENDPOINT` | String | The authorize endpoint on the authorization server (only used when discovery is false) | |
|
| `OIDC_AUTHORIZATION_ENDPOINT` | String | The authorize endpoint on the authorization server (only used when discovery is false) | |
|
||||||
|
|||||||
@@ -223,6 +223,8 @@ migration_waiter:
|
|||||||
oidc:
|
oidc:
|
||||||
# Enable OIDC authentication
|
# Enable OIDC authentication
|
||||||
enabled: false
|
enabled: false
|
||||||
|
# When enabled, users with passwords will still be able to login locally. If disable, only OpenID Connect will be available.
|
||||||
|
local_authentication_enabled: true
|
||||||
# The name of the OIDC provider as shown in the UI
|
# The name of the OIDC provider as shown in the UI
|
||||||
name: OIDC Provider
|
name: OIDC Provider
|
||||||
# The OIDC issuer URL
|
# The OIDC issuer URL
|
||||||
@@ -233,11 +235,11 @@ oidc:
|
|||||||
secret:
|
secret:
|
||||||
# Scopes to request from the OIDC server.
|
# Scopes to request from the OIDC server.
|
||||||
scopes:
|
scopes:
|
||||||
- openid
|
- openid,email
|
||||||
# The field to use to determine the user's UID
|
# The field to use to determine the user's UID
|
||||||
uid_field: sub
|
uid_field: sub
|
||||||
# The field to use to determine the user's email address
|
# The field to use to determine the user's email address
|
||||||
email_address_field: sub
|
email_address_field: email
|
||||||
# The field to use to determine the user's name
|
# The field to use to determine the user's name
|
||||||
name_field: name
|
name_field: name
|
||||||
# Enable discovery to determine endpoints from .well-known/openid-configuration from the Issuer
|
# Enable discovery to determine endpoints from .well-known/openid-configuration from the Issuer
|
||||||
|
|||||||
المرجع في مشكلة جديدة
حظر مستخدم