41 lines
1.4 KiB
Bash
41 lines
1.4 KiB
Bash
DB_PASS=
|
|
|
|
# Set OIDC to be the authentication method
|
|
AUTH_METHOD=oidc
|
|
|
|
# Control if BookStack automatically initiates login via your OIDC system
|
|
# if it's the only authentication method. Prevents the need for the
|
|
# user to click the "Login with x" button on the login page.
|
|
# Setting this to true enables auto-initiation.
|
|
AUTH_AUTO_INITIATE=false
|
|
|
|
# Set the display name to be shown on the login button.
|
|
# (Login with <name>)
|
|
OIDC_NAME=SSO
|
|
|
|
# Name of the claims(s) to use for the user's display name.
|
|
# Can have multiple attributes listed, separated with a '|' in which
|
|
# case those values will be joined with a space.
|
|
# Example: OIDC_DISPLAY_NAME_CLAIMS=given_name|family_name
|
|
OIDC_DISPLAY_NAME_CLAIMS=name
|
|
|
|
# OAuth Client ID to access the identity provider
|
|
OIDC_CLIENT_ID=
|
|
|
|
# OAuth Client Secret to access the identity provider
|
|
OIDC_CLIENT_SECRET=
|
|
|
|
# Issuer URL
|
|
# Must start with 'https://'
|
|
OIDC_ISSUER=https://example.domain.com/application/o/book/
|
|
|
|
# The "end session" (RP-initiated logout) URL to call during BookStack logout.
|
|
# By default this is false which disables RP-initiated logout.
|
|
# Setting to "true" will enable logout if found as supported by auto-discovery.
|
|
# Otherwise, this can be set as a specific URL endpoint.
|
|
OIDC_END_SESSION_ENDPOINT=false
|
|
|
|
# Enable auto-discovery of endpoints and token keys.
|
|
# As per the standard, expects the service to serve a
|
|
# `<issuer>/.well-known/openid-configuration` endpoint.
|
|
OIDC_ISSUER_DISCOVER=true |