mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-02-06 12:21:21 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
a486571c94de622f1216b3ef0f643484eff9b1df
opencloud/services/idp/README.md
Michael Barz 5c7f58c8b5 fix: correct README.md files which contain broken or missing links (#1854) 
Co-authored-by: Thomas Schweiger <t.schweiger@opencloud.eu>
2025-11-14 11:22:30 +01:00

83 lines
2.6 KiB
Markdown
Raw Blame History

# IDP
This service provides a builtin minimal OpenID Connect provider based on [LibreGraph Connect (lico)](https://github.com/libregraph/lico) for OpenCloud.
It is mainly targeted at smaller installations. For larger setups it is recommended to replace IDP with an external OpenID Connect Provider.
By default, it is configured to use the OpenCloud IDM service as its LDAP backend for looking up and authenticating users. Other backends like an external LDAP server can be configured via a set of [enviroment variables](https://docs.opencloud.eu/docs/dev/server/services/idp/environment-variables).
Note that translations provided by the IDP service are not maintained via OpenCloud but part of the embedded [LibreGraph Connect Identifier](https://github.com/libregraph/lico/tree/master/identifier) package.
## Configuration
### Custom Clients
By default the `idp` service generates a OIDC client configuration suitable for
using OpenCloud with the standard client applications (Web, Desktop, iOS and
Android). If you need to configure additional client it is possible to inject a
custom configuration via `yaml`. This can be done by adding a section `clients`
to the `idp` section of the main configuration file (`opencloud.yaml`). This section
needs to contain configuration for all clients (including the standard clients).
For example if you want to add a (public) client for use with the oidc-agent you would
need to add this snippet to the `idp` section in `opencloud.yaml`.
```yaml
clients:
- id: web
name: OpenCloud Web App
trusted: true
secret: ""
redirect_uris:
- https://opencloud.k8s:9200/
- https://opencloud.k8s:9200/oidc-callback.html
- https://opencloud.k8s:9200/oidc-silent-redirect.html
post_logout_redirect_uris: []
origins:
- https://opencloud.k8s:9200
application_type: ""
- id: OpenCloudDesktop
name: OpenCloud Desktop Client
trusted: false
secret: ""
redirect_uris:
- http://127.0.0.1
- http://localhost
post_logout_redirect_uris: []
origins: []
application_type: native
- id: OpenCloudAndroid
name: OpenCloud Android App
trusted: false
secret: ""
redirect_uris:
- oc://android.opencloud.eu
post_logout_redirect_uris:
- oc://android.opencloud.eu
origins: []
application_type: native
- id: OpenCloudIOS
name: OpenCloud iOS App
trusted: false
secret: ""
redirect_uris:
- oc://ios.opencloud.eu
post_logout_redirect_uris:
- oc://ios.opencloud.eu
origins: []
application_type: native
- id: oidc-agent
name: OIDC Agent
trusted: false
secret: ""
redirect_uris:
- http://127.0.0.1
- http://localhost
post_logout_redirect_uris: []
origins: []
application_type: native
```
Reference in New Issue View Git Blame Copy Permalink