OIDC Override Post Installation
-
Hello,
Is it possible to override the Cloudron OIDC configuration post installation? I understand when you setup Outline, it requires OAuth or some sort of authentication when deploying. We are utilizing an external OAuth configuration. I've attempted adding the configuration using theenv.shfile, got past a few errors, but now it seems that the option isn't even showing up.We have everything added from the
envexample provided by Outline. I changed theOIDC_SCOPEfromopenid profile emailtoopenidas a test, and got past a few generic errors. Cloudron is still listed inSettings > Sign Inand I'm not seeing "OpenID Connect" (MyProject Auth).# To configure generic OIDC auth, you'll need some kind of identity provider. # See documentation for whichever IdP you use to acquire the following info: # Redirect URI is https://<URL>/auth/oidc.callback export OIDC_CLIENT_ID= export OIDC_CLIENT_SECRET= export OIDC_AUTH_URI= export OIDC_TOKEN_URI= export OIDC_USERINFO_URI= # Specify which claims to derive user information from # Supports any valid JSON path with the JWT payload export OIDC_USERNAME_CLAIM=preferred_username # Display name for OIDC authentication export OIDC_DISPLAY_NAME=OpenID Connect # Space separated auth scopes. export OIDC_SCOPES=openid profile emailThank you!
-
This will always be overwritten by the package code on app startup. To avoid this, we have to add optionalSso flag to the package to leave the user management to the app, which also means other auth providers can be configured.
We will look into this and if this can be supported with outline.
-
N nebulon marked this topic as a question on
-
N nebulon has marked this topic as solved on
-
Wanted to note that the
optionalSsochange here allowed me to fix my Google Login issue, too! https://forum.cloudron.io/post/77654
