diff options
Diffstat (limited to 'example/config.yaml')
| -rw-r--r-- | example/config.yaml | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/example/config.yaml b/example/config.yaml index 2fab24ab8..2239e0ba6 100644 --- a/example/config.yaml +++ b/example/config.yaml @@ -616,7 +616,7 @@ oidc-client-secret: "" # Array of string. Scopes to request from the OIDC provider. The returned values will be used to # populate users created in GtS as a result of the authentication flow. 'openid' and 'email' are required. # 'profile' is used to extract a username for the newly created user. -# 'groups' is optional and can be used to determine if a user is an admin (if they're in the group 'admin' or 'admins'). +# 'groups' is optional and can be used to determine if a user is an admin based on oidc-admin-groups. # Examples: See eg., https://auth0.com/docs/scopes/openid-connect-scopes # Default: ["openid", "email", "profile", "groups"] oidc-scopes: @@ -632,6 +632,11 @@ oidc-scopes: # Default: false oidc-link-existing: false +# Array of string. If the returned ID token contains a 'groups' claim that matches one of the +# groups in oidc-admin-groups, then this user will be granted admin rights on the GtS instance +# Default: [] +oidc-admin-groups: [] + ####################### ##### SMTP CONFIG ##### ####################### |