Before You Begin
You are required to utilize a unique client id and a unique and random client secret for all OpenID Connect relying parties. You should not use the client secret in this example, you should randomly generate one yourself. You may also choose to utilize a different client id, it’s completely up to you.
This example makes the following assumptions:
- Application Root URL:
- Authelia Root URL:
- Client ID:
- Client Secret:
Important Note: At the time of this writing Outline requires the
offline_access scope by default. Failure to include this scope will result
in an error as Outline will attempt to use a refresh token that is never issued.
- Configure the following environment options:
URL=https://outline.example.com FORCE_HTTPS=true OIDC_CLIENT_ID=outline OIDC_CLIENT_SECRET=outline_client_secret OIDC_AUTH_URI=https://auth.example.com/api/oidc/authorization OIDC_TOKEN_URI=https://auth.example.com/api/oidc/token OIDC_USERINFO_URI=https://auth.example.com/api/oidc/userinfo OIDC_USERNAME_CLAIM=preferred_username OIDC_DISPLAY_NAME=Authelia OIDC_SCOPES="openid offline_access profile email"
- id: outline description: Outline secret: outline_client_secret public: false authorization_policy: two_factor redirect_uris: - https://outline.example.com/auth/oidc.callback scopes: - openid - offline_access - profile - email userinfo_signing_algorithm: none