Mod Auth OpenIDC

Configuration

LoadModule auth_openidc_module modules/mod_auth_openidc.so

Use a2enmod mod_auth_openidc and restart Apache for Debian

<VirtualHost *:443>
        # Server setup
        ServerName myapplication.tld
        # ... your particular directives ...
        # OpenID Connect setup
        OIDCProviderMetadataURL https://mydomain.trustelem.com/app/146XXX/.well-known/openid-configuration
        OIDCClientID trustelem.oidc.XXXXXXXXX
        OIDCClientSecret XXXXXXXX
        OIDCRedirectURI https://myapplication.tld/redirect_uri
        OIDCCryptoPassphrase XXXXXXXX
        OIDCScope "openid"
        <Location /sso-login>
            AuthType openid-connect
            Require valid-user
        </Location>
        # Specific session cookie durations (seconds)
        OIDCSessionInactivityTimeout 300
        OIDCSessionMaxDuration 36000
</VirtualHost>

The OIDCCryptoPassphrase parameter is used in particular for encrypting user session cookies.

Notes

claims["attr1"] = user.firstname;

Revision #2
Created 1 July 2022 09:01:57 by WALLIX Admin
Updated 9 November 2022 10:25:46 by WALLIX Admin