OpenCloud
/
riot-web
mirror of https://github.com/vector-im/riot-web
1
0
Fork 0
Code Issues Releases Wiki Activity
riot-web/docs/oidc.md

1018 B
Raw Blame History

OIDC and delegated authentication

See https://areweoidcyet.com/client-implementation-guide/ for implementation details.

Element Web uses MSC2965: OIDC provider discovery to discover the configured provider. Where a valid MSC2965 configuration is discovered, OIDC native login flow will be the only login option offered. Element Web will attempt to dynamically register with the configured OP. Then, authentication will be completed as described here.

Statically configured OIDC clients

Clients that are already registered with the OP can configure their client_id in config.json. Where static configuration exists for the OP dynamic client registration will not be attempted.

{
    "oidc_static_clients": {
        "https://dummyoidcprovider.com/": {
            "client_id": "abc123"
        }
    }
}