Mirrors/mealie
1
0
Fork 0
mirror of https://github.com/mealie-recipes/mealie.git synced 2025-10-27 00:04:23 -04:00
Code Issues Packages Projects Releases Wiki Activity

docs: document necessity of forwarded-allow-ips with OIDC behind reverse-proxy https (#5461)

Browse Source
This commit is contained in:
oddlama
2025-05-21 21:15:14 +02:00
committed by GitHub
parent a652830a26
commit c13c0868ae
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
docs/docs/documentation/getting-started/authentication/oidc.md
View File

@@ -36,6 +36,10 @@ Before you can start using OIDC Authentication, you must first configure a new c
http://localhost:9091/login
https://mealie.example.com/login
If you are hosting Mealie behind a reverse proxy (nginx, Caddy, ...) to terminate TLS, make sure to start Mealie's Gunicorn server
with `--forwarded-allow-ips=<ip-of-proxy>`, otherwise the `X-Forwarded-*` headers will be ignored and the generated OIDC redirect
URI will use the wrong scheme (http instead of https). This will lead to authentication errors with strict OIDC providers.
3. Configure origins
If your identity provider enforces CORS on any endpoints, you will need to specify your Mealie URL as an Allowed Origin.