Trillium Notes

This integration guide is community supported. It's not guaranteed to be complete, accurate, or up-to-date. It's likely that if this integration guide does not work for you that changes occurred with a third-party application.

Important Note: This documentation is version specific. Make sure you check the section outlining the tested versions.

Important Note: We always recommend users read the third-party documentation as part of the integration process to ensure configuration elements matches their needs. As such the See Also section is likely to have important links.

Important Note: If you find an error in this documentation please make a Pull Request, start a Discussion, or contact us on a Chat Room.

Tested Versions

Assumptions

This example makes the following assumptions:

Application Root URL: https://trillium.example.com/
Authelia Root URL: https://auth.example.com/
Client ID: trillium
Client Secret: insecure_secret

Some of the values presented in this guide can automatically be replaced with documentation variables.

Configuration

Authelia

Important Note

At the time of this writing this third party client has a bug and does not support OpenID Connect 1.0. This configuration will likely require configuration of an escape hatch to work around the bug on their end. See Configuration Escape Hatch for details.

The following YAML configuration is an example Authelia client configuration for use with Trillium Notes which will operate with the application example:

identity_providers:
  oidc:
    ## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
    ## See: https://www.authelia.com/c/oidc
    clients:
      - client_id: 'trillium'
        client_name: 'Trillium Notes'
        client_secret: '$pbkdf2-sha512$310000$c8p78n7pUMln0jzvd4aK4Q$JNRBzwAo0ek5qKn50cFzzvE9RXV88h1wJn5KGiHrD0YKtZaR/nCb2CJPOsKaPK0hjf.9yHxzQGZziziccp6Yng'  # The digest of 'insecure_secret'.
        public: false
        authorization_policy: 'two_factor'
        require_pkce: false
        pkce_challenge_method: ''
        redirect_uris:
          - 'https://trillium.example.com/callback'
        scopes:
          - 'openid'
          - 'profile'
          - 'email'
        response_types:
          - 'code'
        grant_types:
          - 'authorization_code'
        access_token_signed_response_alg: 'none'
        userinfo_signed_response_alg: 'none'
        token_endpoint_auth_method: 'client_secret_basic'

Application

To configure Trillium Notes there are two methods, using the Configuration File or using the Environment Variables.

Configuration File

To configure Trillium Notes to utilize Authelia as an OpenID Connect 1.0 Provider, use the following configuration:

[MultiFactorAuthentication]
oauthBaseUrl=https://trillium.example.com
oauthClientId=trillium
oauthClientSecret=insecure_secret
oauthIssuerBaseUrl=https://auth.example.com
oauthIssuerName=Authelia
oauthIssuerIcon=https://www.authelia.com/images/branding/logo-cropped.png

Environment Variables

To configure Trillium Notes to utilize Authelia as an OpenID Connect 1.0 Provider, use the following environment variables:

Standard

TRILIUM_OAUTH_BASE_URL=https://trillium.example.com
TRILIUM_OAUTH_CLIENT_ID=trillium
TRILIUM_OAUTH_CLIENT_SECRET=insecure_secret
TRILIUM_OAUTH_ISSUER_BASE_URL=https://auth.example.com
TRILIUM_OAUTH_ISSUER_NAME=Authelia
TRILIUM_OAUTH_ISSUER_ICON=https://www.authelia.com/images/branding/logo-cropped.png

Docker Compose

services:
  trillium:
    environment:
      TRILIUM_OAUTH_BASE_URL: 'https://trillium.example.com'
      TRILIUM_OAUTH_CLIENT_ID: 'trillium'
      TRILIUM_OAUTH_CLIENT_SECRET: 'insecure_secret'
      TRILIUM_OAUTH_ISSUER_BASE_URL: 'https://auth.example.com'
      TRILIUM_OAUTH_ISSUER_NAME: 'Authelia'
      TRILIUM_OAUTH_ISSUER_ICON: 'https://www.authelia.com/images/branding/logo-cropped.png'

Trillium Notes

Tested Versions#

Assumptions#

Configuration#

Authelia#

Application#

Configuration File#

Environment Variables#

Standard#

Docker Compose#

See Also#