github/TREK
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs(oidc): fix OIDC_SCOPE default and clarify override behavior, skip CI for docs-only pushes, remove stale audit files

Browse Source
This commit is contained in:
jubnl
2026-04-04 14:47:23 +02:00
parent 5d3a740791
commit e6068d44b0
6 changed files with 8 additions and 286 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/.env.example
View File

@@ -24,7 +24,7 @@ OIDC_ONLY=true # Disable local password auth entirely (SSO only)
OIDC_ADMIN_CLAIM=groups # OIDC claim used to identify admin users
OIDC_ADMIN_VALUE=app-trek-admins # Value of the OIDC claim that grants admin role
OIDC_DISCOVERY_URL= # Override the auto-constructed OIDC discovery endpoint. Useful for providers (e.g. Authentik) that expose it at a non-standard path. Example: https://auth.example.com/application/o/trek/.well-known/openid-configuration
OIDC_SCOPE=openid email profile groups # Space-separated OIDC scopes to request (must include scopes for any claim used by OIDC_ADMIN_CLAIM)
OIDC_SCOPE=openid email profile # Fully overrides the default. Add extra scopes as needed (e.g. add groups if using OIDC_ADMIN_CLAIM)
DEMO_MODE=false # Demo mode - resets data hourly