Add docs on new setting
OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY
This commit is contained in:
parent
542479a227
commit
35532634fa
2 changed files with 11 additions and 0 deletions
|
@ -18,6 +18,10 @@ Somewhere in your Django ``settings.py``::
|
||||||
|
|
||||||
OIDC_SESSION_MANAGEMENT_ENABLE = True
|
OIDC_SESSION_MANAGEMENT_ENABLE = True
|
||||||
|
|
||||||
|
|
||||||
|
If you're in a multi-server setup, you might also want to add ``OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY`` to your settings and set it to some random but fixed string. While authenticated clients have a session that can be used to calculate the browser state, there is no such thing for unauthenticated clients. Hence this value. By default a value is generated randomly on startup, so this will be different on each server. To get a consistent value across all servers you should set this yourself.
|
||||||
|
|
||||||
|
|
||||||
Example RP iframe
|
Example RP iframe
|
||||||
=================
|
=================
|
||||||
|
|
||||||
|
|
|
@ -110,6 +110,13 @@ OPTIONAL. ``bool``. Enables OpenID Connect Session Management 1.0 in your provid
|
||||||
|
|
||||||
Default is ``False``.
|
Default is ``False``.
|
||||||
|
|
||||||
|
OIDC_UNAUTHENTICATED_SESSION_MANAGEMENT_KEY
|
||||||
|
===========================================
|
||||||
|
|
||||||
|
OPTIONAL. Supply a fixed string to use as browser-state key for unauthenticated clients. Read :ref:`sessionmanagement` section.
|
||||||
|
|
||||||
|
Default is a string generated at startup.
|
||||||
|
|
||||||
OIDC_SKIP_CONSENT_ALWAYS
|
OIDC_SKIP_CONSENT_ALWAYS
|
||||||
========================
|
========================
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue