centersl/librechat.ai
1
0
Fork 0
mirror of https://github.com/LibreChat-AI/librechat.ai.git synced 2026-03-27 10:48:32 +07:00
Code Issues Packages Projects Releases Wiki Activity

🛂 docs: fill correct callback urls for authelia OIDC (#171)

Browse Source 
Fix documentation of authelia OIDC integration by:
- improve docker run command with '--rm'
- switch to newer yaml syntax for authelia identity provider definition
- fill correct OPENID_ISSUER and OPENID_CALLBACK_URL in dotenv file

Co-authored-by: Danny Avila <danny@librechat.ai>
This commit is contained in:
Maximilian Brueckl
2025-02-07 03:43:51 +01:00
committed by GitHub
parent 92ad737a74
commit 1067452409
1 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
pages/docs/configuration/authentication/OAuth2-OIDC/authelia.mdx
View File

@@ -7,22 +7,22 @@ description: Learn how to configure LibreChat to use Authelia for user authentic
- Generate a client secret using:
```
docker run authelia/authelia:latest authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986
docker run --rm authelia/authelia:latest authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986
```
- Then in your `configuration.yml` add the following in the oidc section:
```bash filename="configuration.yml"
- id: librechat
description: LibreChat
secret: '$pbkdf2-GENERATED_SECRET_KEY_HERE'
- client_id: 'librechat'
client_name: 'LibreChat'
client_secret: '$pbkdf2-GENERATED_SECRET_KEY_HERE'
public: false
authorization_policy: two_factor
authorization_policy: 'two_factor'
redirect_uris:
- 'https://LIBRECHAT.URL/oauth/openid/callback'
scopes:
- openid
- profile
- email
userinfo_signing_algorithm: none
- 'openid'
- 'profile'
- 'email'
userinfo_signing_algorithm: 'none'
```
- Then restart Authelia
@@ -32,13 +32,13 @@ description: Learn how to configure LibreChat to use Authelia for user authentic
```bash filename=".env"
ALLOW_SOCIAL_LOGIN=true
OPENID_BUTTON_LABEL='Log in with Authelia'
OPENID_ISSUER=https://auth.example.com
OPENID_ISSUER=https://auth.example.com/.well-known/openid-configuration
OPENID_CLIENT_ID=librechat
OPENID_CLIENT_SECRET=ACTUAL_GENERATED_SECRET_HERE
OPENID_SESSION_SECRET=ANY_RANDOM_STRING
OPENID_CALLBACK_URL=https://auth.example.com/api/oidc/authorization
OPENID_CALLBACK_URL=/oauth/openid/callback
OPENID_SCOPE="openid profile email"
OPENID_IMAGE_URL=https://www.authelia.com/images/branding/logo-cropped.png
# Optional: redirects the user to the end session endpoint after logging out
OPENID_USE_END_SESSION_ENDPOINT=true
```