ami/tl-vikunja
1
0
Fork 0
Code
tl-vikunja/docs/content/doc/setup/openid-examples.md
Dominik Pschenitschni aaa0593289 feat(docs): various improvements 
- removing spaces at end of line
- fixing spelling and grammar mistakes
- making sure 'Vikunja' is spelled the same way everywhere
- prefer using editors word wrap instead of hardcoding word wrap in markdown (reason: different word wrap per editor & end of line space)
- add newline add end where missing
- remove double colon at end of headlines
- remove unnecessary indention
- make sure code blocks and headlines etc always have an empty line around
2023-04-11 16:42:59 +00:00

1.9 KiB
Raw Blame History

date, title, draft, type, menu
date title draft type menu
2022-08-09:00:00+02:00 OpenID example configurations false doc
sidebar
parent
setup

OpenID example configurations

On this page you will find examples about how to set up Vikunja with a third-party OpenID provider. To add another example, please edit this document and send a PR.

{{< table_of_contents >}}

Authelia

Vikunja Config:

openid:
    enabled: true
    redirecturl: https://vikunja.mydomain.com/auth/openid/  <---- slash at the end is important
    providers:
      - name: Authelia
        authurl: https://login.mydomain.com
        clientid: <vikunja-id>
        clientsecret: <vikunja secret>

Authelia config:

- id: <vikunja-id>
description: Vikunja
secret: <vikunja secret>
redirect_uris:
  - https://vikunja.mydomain.com/auth/openid/authelia
scopes:
  - openid
  - email
  - profile

Google / Google Workspace

Vikunja Config:

openid:
    enabled: true
    redirecturl: https://vikunja.mydomain.com/auth/openid/  <---- slash at the end is important
    providers:
      - name: Google
        authurl: https://accounts.google.com
        clientid: <google-oauth-client-id>
        clientsecret: <google-oauth-client-secret>

Google config:

  • Navigate to https://console.cloud.google.com/apis/credentials in the target project
  • Create a new OAuth client ID
  • Configure an authorized redirect URI of https://vikunja.mydomain.com/auth/openid/google

Note that there currently seems to be no way to stop creation of new users, even when enableregistration is false in the configuration. This means that this approach works well only with an "Internal Organization" app for Google Workspace, which limits the allowed users to organizational accounts only. External / public applications will potentially allow every Google user to register.