feat(vault): update vault SSO config
This commit is contained in:
@@ -27,14 +27,14 @@ in
|
|||||||
ORG_CREATION_USERS = config.globals.master.email;
|
ORG_CREATION_USERS = config.globals.master.email;
|
||||||
|
|
||||||
SSO_ENABLED = true;
|
SSO_ENABLED = true;
|
||||||
SSO_AUTH_ONLY_NOT_SESSION = true;
|
# SSO_AUTH_ONLY_NOT_SESSION = true;
|
||||||
SSO_AUTHORITY = "https://${auth_host}/application/o/vaultwarden/";
|
SSO_AUTHORITY = "https://${auth_host}/application/o/vaultwarden/";
|
||||||
SSO_CLIENT_ID = oidc.oidc_client_id;
|
SSO_CLIENT_ID = oidc.oidc_client_id;
|
||||||
SSO_CLIENT_SECRET = oidc.oidc_secret_id;
|
SSO_CLIENT_SECRET = oidc.oidc_secret_id;
|
||||||
SSO_SCOPES = "openid profile email offline_access";
|
SSO_SCOPES = "openid profile email offline_access";
|
||||||
SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION = false;
|
SSO_ALLOW_UNKNOWN_EMAIL_VERIFICATION = false;
|
||||||
SSO_CLIENT_CACHE_EXPIRATION = 0;
|
SSO_CLIENT_CACHE_EXPIRATION = 0;
|
||||||
SSO_ONLY = false; # Set to true to disable email and master password login and require SSO
|
SSO_ONLY = true; # Set to true to disable email and master password login and require SSO
|
||||||
SSO_SIGNUPS_MATCH_EMAIL = true; # Match first SSO login to an existing account by email
|
SSO_SIGNUPS_MATCH_EMAIL = true; # Match first SSO login to an existing account by email
|
||||||
};
|
};
|
||||||
dbBackend = "postgresql";
|
dbBackend = "postgresql";
|
||||||
|
|||||||
Reference in New Issue
Block a user