mirror of https://github.com/coder/coder.git
docs: add oidc keycloak docs (#8042)
* adding docs for keycloak to solve the problem with the refraish token * fmt
This commit is contained in:
parent
0c5077464b
commit
c8e67833f5
|
@ -328,3 +328,11 @@ Below are some details specific to individual OIDC providers.
|
|||
```
|
||||
|
||||
- (Optional) If using Group Sync, send the required groups in the configured groups claim field. See [here](https://stackoverflow.com/a/55570286) for an example.
|
||||
|
||||
### Keycloak
|
||||
|
||||
The access_type parameter has two possible values: "online" and "offline." By default, the value is set to "offline". This means that when a user authenticates using OIDC, the application requests offline access to the user's resources, including the ability to refresh access tokens without requiring the user to reauthenticate.
|
||||
|
||||
To enable the `offline_access` scope, which allows for the refresh token functionality, you need to add it to the list of requested scopes during the authentication flow. Including the `offline_access` scope in the requested scopes ensures that the user is granted the necessary permissions to obtain refresh tokens.
|
||||
|
||||
By combining the `{"access_type":"offline"}` parameter in the OIDC Auth URL with the `offline_access` scope, you can achieve the desired behavior of obtaining refresh tokens for offline access to the user's resources.
|
||||
|
|
Loading…
Reference in New Issue