oss/conduit
oss/conduit
1
0
Fork 0
mirror of https://gitlab.com/famedly/conduit.git synced 2025-06-27 16:35:59 +00:00
Code Wiki Activity

WIP: docs

Browse source
This commit is contained in:
avdb13 2024-07-04 22:19:25 +02:00
parent 8abab8c8a0
commit 269455d93a
1 changed files with 37 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

37
docs/configuration.md
View file

@ -11,6 +11,7 @@ Conduit's configuration file is divided into the following sections:
- [Global](#global)
- [TLS](#tls)
- [Proxy](#proxy)
- [SSO (Single Sign-On)](#sso)
## Global
@ -109,3 +110,39 @@ exclude = ["*.clearnet.onion"]
[global]
{{#include ../conduit-example.toml:22:}}
```
### SSO (Single Sign-On)
Authentication through SSO instead of a password can be enabled by configuring OIDC (OpenID Connect) identity providers.
Identity providers using OAuth such as Github are not supported yet.
> **Note:** The `*` symbol indicates that the field is required, and the values in **parentheses** are the possible values
| Field | Type | Description | Default |
| --- | --- | --- | --- |
| `issuer`* | `Url` | The issuer URL. | N/A |
| `name` | `string` | The name displayed on fallback pages. | `issuer` |
| `icon` | `Url` OR `MxcUri` | The icon displayed on fallback pages. | N/A |
| `scopes` | `array` | The scopes used to obtain extra claims which can be used for templates. | `["openid"]` |
<!-- | `pkce` | `bool` | | `true` | -->
<!-- | `backchannel_logout` | `bool` | | `true` | -->
<!-- | `unique_claim` | `string` | The key of the claim, used to uniquely identify users | `"sub"` | <!-1- TODO: claim_correlation? -1-> -->
<!-- | `credentials`* | `table` | See [Client Credentials](#client-credentials) | N/A | -->
| `client_id`* | `string` | The provider-supplied, unique ID for the client. | N/A |
| `client_secret`* | `string` | The provider-supplied, unique ID for the client. | N/A |
| `authentication_method`* | `"basic" | "post"` | The method used for client authentication. | N/A |
<!-- TODO -->
<!-- #### Example -->
<!-- ```toml -->
<!-- [global.sso.keycloak] -->
<!-- name = "A Mysterious KeyCloak Server" -->
<!-- icon = "mxc://matrix.org/tuKmXlmbHzYPFmdHafbZHOWj" -->
<!-- issuer = "https://oidc.conduit.rs:8443/realms/dev_team_realm" -->
<!-- scopes = ["openid", "profile"] -->
<!-- ``` -->
<!-- localpart = "userinfo.preferred_username" -->
<!-- displayname = "id_token.name" -->
<!-- avatar_url = "userinfo.picture" -->
<!-- email = "userinfo.email" -->
<!-- msisdn = "userinfo.phone_number" -->