Add OIDC role sync config (OIDC_ADMIN_GROUP_NAME, OIDC_GROUPS_CLAIM)
Mv.OidcRoleSyncConfig reads from config; runtime.exs overrides from ENV in prod.
This commit is contained in:
parent
50c8a0dc9a
commit
a6e35da0f7
4 changed files with 83 additions and 0 deletions
|
|
@ -153,6 +153,11 @@ if config_env() == :prod do
|
|||
client_secret: client_secret,
|
||||
redirect_uri: System.get_env("OIDC_REDIRECT_URI") || default_redirect_uri
|
||||
|
||||
# OIDC group → Admin role sync (optional). Groups claim default "groups".
|
||||
config :mv, :oidc_role_sync,
|
||||
admin_group_name: System.get_env("OIDC_ADMIN_GROUP_NAME"),
|
||||
groups_claim: System.get_env("OIDC_GROUPS_CLAIM") || "groups"
|
||||
|
||||
# Token signing secret from environment variable
|
||||
# This overrides the placeholder value set in prod.exs
|
||||
# Supports TOKEN_SIGNING_SECRET or TOKEN_SIGNING_SECRET_FILE for Docker secrets.
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue