Add docs on new setting

OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY
2017-04-18 13:50:28 +02:00 · 2017-04-18 13:50:28 +02:00 · 35532634fa
parent 542479a227
commit 35532634fa
2 changed files with 11 additions and 0 deletions
--- a/docs/sections/sessionmanagement.rst
+++ b/docs/sections/sessionmanagement.rst
@ -18,6 +18,10 @@ Somewhere in your Django ``settings.py``::

    OIDC_SESSION_MANAGEMENT_ENABLE = True

+
+If you're in a multi-server setup, you might also want to add ``OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY`` to your settings and set it to some random but fixed string. While authenticated clients have a session that can be used to calculate the browser state, there is no such thing for unauthenticated clients. Hence this value. By default a value is generated randomly on startup, so this will be different on each server. To get a consistent value across all servers you should set this yourself.
+
+
 Example RP iframe
 =================

--- a/docs/sections/settings.rst
+++ b/docs/sections/settings.rst
@ -110,6 +110,13 @@ OPTIONAL. ``bool``. Enables OpenID Connect Session Management 1.0 in your provid

 Default is ``False``.

+OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY
+===========================================
+
+OPTIONAL. Supply a fixed string to use as browser-state key for unauthenticated clients. Read :ref:`sessionmanagement` section.
+
+Default is a string generated at startup.
+
 OIDC_SKIP_CONSENT_ALWAYS
 ========================