Mirrors/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2026-04-22 21:05:35 -04:00
Code Issues Packages Projects Releases Wiki Activity

docs: document necessity of forwarded-allow-ips with OIDC behind reverse-proxy https in oidc-v2.md (#7424)

Browse Source 
Co-authored-by: Michael Genson <71845777+michael-genson@users.noreply.github.com>
This commit is contained in:
Ben Harper
2026-04-22 00:30:04 +10:00
committed by GitHub
parent 870b793d5f
commit b3ce0faf26
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/docs/documentation/getting-started/authentication/oidc-v2.md
View File

@@ -42,6 +42,10 @@ Before you can start using OIDC Authentication, you must first configure a new c
http://localhost:9091/login http://localhost:9091/login
https://mealie.example.com/login https://mealie.example.com/login
If you are hosting Mealie behind a reverse proxy (nginx, Caddy, ...) to terminate TLS, make sure to start Mealie's Gunicorn server
with `--forwarded-allow-ips=<ip-of-proxy>`, otherwise the `X-Forwarded-*` headers will be ignored and the generated OIDC redirect
URI will use the wrong scheme (http instead of https). This will lead to authentication errors with strict OIDC providers.
3. Configure allowed scopes 3. Configure allowed scopes
The scopes required are `openid profile email` The scopes required are `openid profile email`