Update Lemonldap-NG OIDC config (#17204)

Update OIDC documentation: by default Matrix doesn't query userinfo endpoint, then claims should be put on id_token.
2024-05-22 16:29:31 +04:00
parent 6a9a641fb8
commit a547b49773
2 changed files with 3 additions and 0 deletions
--- a/changelog.d/17204.doc
+++ b/changelog.d/17204.doc
@@ -0,0 +1 @@
+Update OIDC documentation: by default Matrix doesn't query userinfo endpoint, then claims should be put on id_token.
--- a/docs/openid.md
+++ b/docs/openid.md
@@ -525,6 +525,8 @@ oidc_providers:
  (`Options > Security > ID Token signature algorithm` and `Options > Security >
  Access Token signature algorithm`)
 - Scopes: OpenID, Email and Profile
+- Force claims into `id_token`
+  (`Options > Advanced > Force claims to be returned in ID Token`)
 - Allowed redirection addresses for login (`Options > Basic > Allowed
  redirection addresses for login` ) :
  `[synapse public baseurl]/_synapse/client/oidc/callback`
				`@@ -0,0 +1 @@`
				`Update OIDC documentation: by default Matrix doesn't query userinfo endpoint, then claims should be put on id_token.`