feat(vault): update vault SSO config

This commit is contained in:
Xavier Morel
2026-06-09 13:07:51 +02:00
parent e3f4152200
commit 3052d488de
+2 -2
View File
@@ -27,14 +27,14 @@ in
ORG_CREATION_USERS = config.globals.master.email; ORG_CREATION_USERS = config.globals.master.email;
SSO_ENABLED = true; SSO_ENABLED = true;
SSO_AUTH_ONLY_NOT_SESSION = true; # SSO_AUTH_ONLY_NOT_SESSION = true;
SSO_AUTHORITY = "https://${auth_host}/application/o/vaultwarden/"; SSO_AUTHORITY = "https://${auth_host}/application/o/vaultwarden/";
SSO_CLIENT_ID = oidc.oidc_client_id; SSO_CLIENT_ID = oidc.oidc_client_id;
SSO_CLIENT_SECRET = oidc.oidc_secret_id; SSO_CLIENT_SECRET = oidc.oidc_secret_id;
SSO_SCOPES = "openid profile email offline_access"; SSO_SCOPES = "openid profile email offline_access";
SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION = false; SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION = false;
SSO_CLIENT_CACHE_EXPIRATION = 0; SSO_CLIENT_CACHE_EXPIRATION = 0;
SSO_ONLY = false; # Set to true to disable email and master password login and require SSO SSO_ONLY = true; # Set to true to disable email and master password login and require SSO
SSO_SIGNUPS_MATCH_EMAIL = true; # Match first SSO login to an existing account by email SSO_SIGNUPS_MATCH_EMAIL = true; # Match first SSO login to an existing account by email
}; };
dbBackend = "postgresql"; dbBackend = "postgresql";