You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
docs(oidc): Document oidc_protected_paths in configuration.md
This commit updates the main configuration documentation to reflect the
new `oidc_protected_paths` option. It removes the outdated
`oidc_skip_endpoints` and provides a more detailed explanation of how
to create a mix of public and private pages.
Copy file name to clipboardExpand all lines: configuration.md
+2-2Lines changed: 2 additions & 2 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -25,7 +25,7 @@ Here are the available configuration options and their default values:
25
25
|`configuration_directory`|`./sqlpage/`| The directory where the `sqlpage.json` file is located. This is used to find the path to [`templates/`](https://sql-page.com/custom_components.sql), [`migrations/`](https://sql-page.com/your-first-sql-website/migrations.sql), and `on_connect.sql`. Obviously, this configuration parameter can be set only through environment variables, not through the `sqlpage.json` file itself in order to find the `sqlpage.json` file. Be careful not to use a path that is accessible from the public WEB_ROOT |
26
26
|`allow_exec`| false | Allow usage of the `sqlpage.exec` function. Do this only if all users with write access to sqlpage query files and to the optional `sqlpage_files` table on the database are trusted. |
27
27
|`max_uploaded_file_size`| 5242880 | Maximum size of forms and uploaded files in bytes. Defaults to 5 MiB. |
28
-
| `oidc_skip_endpoints` | | A List of enpoints which should be ignored by OIDC
28
+
|`oidc_protected_paths`|`["/"]`| A list of URL prefixes that should be protected by OIDC authentication. By default, all paths are protected (`["/"]`). If you want to make some pages public, you can restrict authentication to a sub-path, for instance `["/admin", "/users/settings"]`. |
29
29
|`oidc_issuer_url`|| The base URL of the [OpenID Connect provider](#openid-connect-oidc-authentication). Required for enabling Single Sign-On. |
30
30
|`oidc_client_id`| sqlpage | The ID that identifies your SQLPage application to the OIDC provider. You get this when registering your app with the provider. |
31
31
|`oidc_client_secret`|| The secret key for your SQLPage application. Keep this confidential as it allows your app to authenticate with the OIDC provider. |
@@ -91,7 +91,7 @@ This allows you to keep the password separate from the connection string, which
91
91
92
92
### OpenID Connect (OIDC) Authentication
93
93
94
-
OpenID Connect (OIDC) is a secure way to let users log in to your SQLPage application using their existing accounts from popular services. When OIDC is configured, all access to your SQLPage application will require users to log in through the chosen provider. This enables Single Sign-On (SSO), allowing you to restrict access to your application without having to handle authentication yourself.
94
+
OpenID Connect (OIDC) is a secure way to let users log in to your SQLPage application using their existing accounts from popular services. When OIDC is configured, you can control which parts of your application require authentication using the `oidc_protected_paths` option. By default, all pages are protected. You can specify a list of URL prefixes to protect specific areas, allowing you to have a mix of public and private pages.
95
95
96
96
To set up OIDC, you'll need to:
97
97
1. Register your application with an OIDC provider
0 commit comments