Add Additional Scopes to Maximize Functionality from Custom idP (#80)
* add additional scopes to config schema Keep original groups setting for backwards compatibility. * fix weird text issue * Add support for additional scopes in OIDC setup * fix compile error * Update documentation to include description of additional oidc scopes * clarify documentation
This commit is contained in:
Seth
GitHub
@@ -127,6 +127,7 @@ Here's a table of all options that you can set:
|
||||
| `display_name` | `string` | No | `"OpenID Connect (SSO)"` | The name to display on the login screen, both for the Home Assistant screen and the OIDC welcome screen. |
|
||||
| `id_token_signing_alg` | `string` | No | `RS256` | The signing algorithm that is used for your id_tokens.
|
||||
| `groups_scope` | `string` | No | `groups` | Override the default grups scope with another scope of your choice. |
|
||||
| `additional_scopes`|`list of strings`| No | `empty list` | Add additional scopes to request for custom identity provider configurations in addition to the automatic `openid` and `profile` scopes and the `groups_scope` configuration option |
|
||||
| `features.automatic_user_linking` | `boolean`| No | `false` | Automatically links users to existing Home Assistant users based on the OIDC username claim. Disabled by default for security. When disabled, OIDC users will get their own new user profile upon first login. |
|
||||
| `features.automatic_person_creation` | `boolean` | No | `true` | Automatically creates a person entry for new user profiles created by this integration. Recommended if you would like to assign presence detection to OIDC users. |
|
||||
| `features.disable_rfc7636` | `boolean`| No | `false` | Disables PKCE (RFC 7636) for OIDC providers that don't support it. You should not need this with most providers. |
|
||||
|
||||
Reference in New Issue
Block a user