- Configure your OIDC client for Authorization Code Flow
- Set the relevant fields in titra
- Client ID: Client ID as per your OIDC App Configuration
- Client Secret: As per your OIDC App Configuration
- OIDC Server Url: Your auth domain e.g. http://auth.your.domain
- Authorization Endpoint: /your/auth/endpoint Note the prepended slash
- Token Endpoint: /your/token/endpoint Note the prepended slash
- UserInfo Endpoint: /your/userinfo/endpoint Note the prepended slash
- Id Token Fields: Extra fields to be grabbed from your token and appended to the user. In my case my server returns an opaque access token which it grabs first (not the id token) so make sure that these fields are on the relevant token.
You can disable the default login form to prevent password based logins entirely:
All credit goes to @iamscottcab who has authored this documentation and provided two pull requests to improve the OIDC integration.