<title>QWC OIDC authentication service</title>

QWC OIDC authentication service

Type: object

root $schema

JSON Schema

Type: stringFormat: uri Default: "https://github.com/qwc-services/qwc-oidc-auth/raw/main/schemas/qwc-oidc-auth.json"

Reference to JSON schema of this config

root service

Service name

Type: const
Specific value: "oidc-auth"

root config

Config options

Type: object

root config issuer_url
Type: stringFormat: uri

OpenID Connect Issuer URL

root config client_id
Type: string

Client ID

root config client_secret
Type: string

Client secret

root config openid_scopes
Type: string Default: "openid email profile"

Scopes

root config redirect_uri
Type: string

Custom redirect URI after calling authorization endpoint

root config username
Type: string

Attribute for user name

root config groupinfo
Type: string

Attribute name of group memberships

root config authorized_api_token
Type: array of object

List of api token authorized to use tokenlogin endpoint

 No Additional Items

Each item of this array must be:

root config authorized_api_token authorized_api_token items
Type: object

root config authorized_api_token authorized_api_token items keys_url
Type: string

Public keys URL to decode token

root config authorized_api_token authorized_api_token items claims_options
Type: object

Token validation parameters following authlib specs : https://docs.authlib.org/en/latest/jose/jwt.html#jwt-payload-claims-validation

root config db_url
Type: string

DB connection URL (to sync users and userinfofields). Can be set to an empty string if sync is not needed. Default: postgresql:///?service=qwc_configdb

root config qwc_config_schema
Type: string

The name of the DB schema which stores the qwc config. Default: qwc_config

root config user_info_fields
Type: array of string

List of user info fields to get from IdP and to include in JWT identity and DB (if db_url is set). Default: []

 No Additional Items

Each item of this array must be:

root config user_info_fields user_info_fields items
Type: string