mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-04-28 06:49:49 -05:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #476 from rhafer/custom-idp-clients

Browse Source 
docs(idp): Document how to add custom OIDC clients
This commit is contained in:
Ralf Haferkamp
2025-03-26 08:02:48 +01:00
committed by GitHub
parent a414a2015d 24e5e19825
commit 0702b8bf9f
1 changed files with 73 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
services/idp/README.md
+73
View File
@@ -7,3 +7,76 @@ It is mainly targeted at smaller installations. For larger setups it is recommen
By default, it is configured to use the OpenCloud IDM service as its LDAP backend for looking up and authenticating users. Other backends like an external LDAP server can be configured via a set of [enviroment variables](https://docs.opencloud.eu/services/idp/configuration/#environment-variables).
Note that translations provided by the IDP service are not maintained via OpenCloud but part of the embedded [LibreGraph Connect Identifier](https://github.com/libregraph/lico/tree/master/identifier) package.
## Configuration
### Custom Clients
By default the `idp` service generates a OIDC client configuration suitable for
using OpenCloud with the standard client applications (Web, Desktop, iOS and
Android). If you need to configure additional client it is possible to inject a
custom configuration via `yaml`. This can be done by adding a section `clients`
to the `idp` section of the main configuration file (`opencloud.yaml`). This section
needs to contain configuration for all clients (including the standard clients).
For example if you want to add a (public) client for use with the oidc-agent you would
need to add this snippet to the `idp` section in `opencloud.yaml`.
```yaml
clients:
- id: web
name: OpenCloud Web App
trusted: true
secret: ""
redirect_uris:
- https://opencloud.k8s:9200/
- https://opencloud.k8s:9200/oidc-callback.html
- https://opencloud.k8s:9200/oidc-silent-redirect.html
post_logout_redirect_uris: []
origins:
- https://opencloud.k8s:9200
application_type: ""
- id: OpenCloudDesktop
name: OpenCloud Desktop Client
trusted: false
secret: ""
redirect_uris:
- http://127.0.0.1
- http://localhost
post_logout_redirect_uris: []
origins: []
application_type: native
- id: OpenCloudAndroid
name: OpenCloud Android App
trusted: false
secret: ""
redirect_uris:
- oc://android.opencloud.eu
post_logout_redirect_uris:
- oc://android.opencloud.eu
origins: []
application_type: native
- id: OpenCloudIOS
name: OpenCloud iOS App
trusted: false
secret: ""
redirect_uris:
- oc://ios.opencloud.eu
post_logout_redirect_uris:
- oc://ios.opencloud.eu
origins: []
application_type: native
- id: oidc-agent
name: OIDC Agent
trusted: false
secret: ""
redirect_uris:
- http://127.0.0.1
- http://localhost
post_logout_redirect_uris: []
origins: []
application_type: native
```