[docs] Clarify email requirement for OIDC (#1918)

author: Daenney <daenney@users.noreply.github.com> 2023-06-21 21:22:51 +0200
committer: GitHub <noreply@github.com> 2023-06-21 21:22:51 +0200
commit: c4cf6326d872f5b2ac93304b35e223695f703bb6 (patch)
tree: c4e67686ac5a374c008c1e2133e47269a0da3a19 /docs/configuration/oidc.md
parent: [performance] update go-cache library (#1917) (diff)
download: gotosocial-c4cf6326d872f5b2ac93304b35e223695f703bb6.tar.xz
1 files changed, 3 insertions, 0 deletions
diff --git a/docs/configuration/oidc.md b/docs/configuration/oidc.md
index 9018b5887..de321a55e 100644
--- a/docs/configuration/oidc.md
+++ b/docs/configuration/oidc.md
@@ -10,6 +10,9 @@ This is very convenient in the following cases:
 - You want to delegate management of users, accounts, passwords etc. to an external service to make admin easier for yourself.
 - You already have a lot of users in an external system and you don't want to have to recreate them all in GoToSocial manually.
 
+!!! tip
+    If a user doesn't exist yet, login will fail if your IdP doesn't return a non-empty `email` as part of the claims. The email needs to be unique on this instance. Though we use the `sub` claim to associate the external identity with a GtS user, when a user is created it needs an email associated with it.
+
 ## Settings
 
 GoToSocial exposes the following configuration settings for OIDC, shown below with their default values.
author	Daenney <daenney@users.noreply.github.com>	2023-06-21 21:22:51 +0200
committer	GitHub <noreply@github.com>	2023-06-21 21:22:51 +0200
commit	c4cf6326d872f5b2ac93304b35e223695f703bb6 (patch)
tree	c4e67686ac5a374c008c1e2133e47269a0da3a19 /docs/configuration/oidc.md
parent	[performance] update go-cache library (#1917) (diff)
download	gotosocial-c4cf6326d872f5b2ac93304b35e223695f703bb6.tar.xz