# To configure generic OIDC auth, you'll need some kind of identity provider.
# See documentation for whichever IdP you use to acquire the following info:
# Redirect URI is https://<URL>/auth/oidc.callback
OIDC_CLIENT_ID={{ oidc_client_id }}
OIDC_CLIENT_SECRET={{ oidc_client_secret }}
OIDC_AUTH_URI= {{ oidc_auth_uri }}
OIDC_TOKEN_URI={{ oidc_token_uri }}
OIDC_USERINFO_URI={{ oidc_userinfo_uri }}

# Specify which claims to derive user information from
# Supports any valid JSON path with the JWT payload
OIDC_USERNAME_CLAIM={{ oidc_username_claim }}

# Display name for OIDC authentication
OIDC_DISPLAY_NAME=OpenID

# Space separated auth scopes.
OIDC_SCOPES=openid profile email