diff --git a/.env.template b/.env.template index 95c0a6e3..90724e6a 100644 --- a/.env.template +++ b/.env.template @@ -443,11 +443,11 @@ # SSO_CLIENT_SECRET=AAAAAAAAAAAAAAAAAAAAAAAA ## Optional Master password policy (minComplexity=[0-4]) # SSO_MASTER_PASSWORD_POLICY='{"enforceOnLogin":false,"minComplexity":3,"minLength":12,"requireLower":false,"requireNumbers":false,"requireSpecial":false,"requireUpper":false}' -### Use sso only for authentication not the session lifecycle +## Use sso only for authentication not the session lifecycle # SSO_AUTH_ONLY_NOT_SESSION=false -#### Client cache for discovery endpoint. Duration in seconds (0 to disable). +## Client cache for discovery endpoint. Duration in seconds (0 to disable). # SSO_CLIENT_CACHE_EXPIRATION=0 -### Debug only, log all the tokens +## Log all the tokens, LOG_LEVEL=debug is required # SSO_DEBUG_TOKENS=false ######################## diff --git a/SSO.md b/SSO.md index 7ef9217d..c1d82944 100644 --- a/SSO.md +++ b/SSO.md @@ -27,7 +27,7 @@ The following configurations are available - `SSO_MASTER_PASSWORD_POLICY`: Optional Master password policy - `SSO_AUTH_ONLY_NOT_SESSION`: Enable to use SSO only for authentication not session lifecycle - `SSO_CLIENT_CACHE_EXPIRATION`: Cache calls to the discovery endpoint, duration in seconds, `0` to disable (default `0`); - - `SSO_DEBUG_TOKENS`: Log all tokens for easier debugging (default `false`) + - `SSO_DEBUG_TOKENS`: Log all tokens (default `false`, `LOG_LEVEL=debug` is required) The callback url is : `https://your.domain/identity/connect/oidc-signin` diff --git a/src/config.rs b/src/config.rs index 3fa39991..3bb7fd70 100644 --- a/src/config.rs +++ b/src/config.rs @@ -638,7 +638,7 @@ make_config! { sso_auth_only_not_session: bool, true, def, false; /// Client cache for discovery endpoint. Duration in seconds (0 or less to disable). sso_client_cache_expiration: u64, true, def, 0; - /// Log all tokens + /// Log all tokens, LOG_LEVEL=debug is required sso_debug_tokens: bool, true, def, false; },