OpenID authentication with prefilled username for new accounts?

Hey folks,
just set up another Gitea instance with Authelia as OpenID provider.

Is there any way to use and force the OpenID-provided username (preferred_username openid field from claim) for new accounts?


:paperclip: Used Resources

See this comment on GitHub:

I realize this is pretty old, but have you tried the ENABLE_AUTO_REGISTRATION = true flag combined with the ACCOUNT_LINKING = auto flag? I think that might give you your desired behavior. It will skip the screen that allows users to set their username/email when logging in for the first time via OIDC. If no user with the IdP-provided email exists, it will create a new user, whereas if a user with the IdP-provided email already exists, it will link that login to the existing user. Users won’t have a chance to set those parameters.

2 Likes

Thanks for the advice. It helped somehow but ended in an internal server error 500 in Gitea.

It seems like Gitea can’t resolve the openid/oauth2 attributes from Authelia.
So I tried to set the config keys OPENID_CONNECT_SCOPES and USERNAME but can’t find the correct values for them.

:white_check_mark: Solved it with these settings:

- GITEA__openid__ENABLE_OPENID_SIGNIN=true
- GITEA__openid__ENABLE_OPENID_SIGNUP=true
- GITEA__oauth2_client__ENABLE_AUTO_REGISTRATION=true
- GITEA__oauth2_client__ACCOUNT_LINKING=auto
- GITEA__oauth2_client__USERNAME=nickname
- GITEA__oauth2_client__OPENID_CONNECT_SCOPES=openid profile email

2 Likes
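
An added example (not part of any post in this thread and not Gitea's own code): a small Python helper that groups the GITEA__section__KEY entries above into the app.ini sections they target, which shows the two openid keys landing in a different section from the oauth2_client keys, and notes the first-login behaviour the quoted GitHub comment describes. The function names and the wording of the review notes are assumptions made for illustration, and only plain section names are handled.

```python
import re

# Constructed sample: the environment entries posted in the thread.
COMPOSE_ENV = """\
- GITEA__openid__ENABLE_OPENID_SIGNIN=true
- GITEA__openid__ENABLE_OPENID_SIGNUP=true
- GITEA__oauth2_client__ENABLE_AUTO_REGISTRATION=true
- GITEA__oauth2_client__ACCOUNT_LINKING=auto
- GITEA__oauth2_client__USERNAME=nickname
- GITEA__oauth2_client__OPENID_CONNECT_SCOPES=openid profile email
"""

# GITEA__<section>__<KEY>=<value>; a section may contain single underscores.
ENV_RE = re.compile(r"^GITEA__(?P<section>.+?)__(?P<key>\w+)=(?P<value>.*)$")

def parse_env(text):
    """Group GITEA__section__KEY=value lines into {section: {key: value}}."""
    sections = {}
    for raw in text.splitlines():
        m = ENV_RE.match(raw.strip().lstrip("-").strip())
        if m:
            sections.setdefault(m["section"], {})[m["key"]] = m["value"].strip()
    return sections

def to_ini(sections):
    """Render the grouped settings as app.ini-style sections."""
    return "\n\n".join(
        f"[{name}]\n" + "\n".join(f"{k} = {v}" for k, v in keys.items())
        for name, keys in sections.items())

def review(sections):
    """Notes on the first-login behaviour the quoted comment describes."""
    oc, notes = sections.get("oauth2_client", {}), []
    if oc.get("ENABLE_AUTO_REGISTRATION", "").lower() == "true":
        notes.append("auto-registration: users cannot pick username/email at first login")
    if oc.get("ACCOUNT_LINKING", "").lower() == "auto":
        notes.append("auto-linking: login is attached to an existing user with the same "
                     "IdP-provided email, so only use IdPs trusted to assert emails")
    if "email" not in oc.get("OPENID_CONNECT_SCOPES", "").split():
        notes.append("no email scope requested: linking by email may have nothing to match")
    return notes

if __name__ == "__main__":
    parsed = parse_env(COMPOSE_ENV)
    print(to_ini(parsed))
    print("\n".join("NOTE: " + n for n in review(parsed)))
```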

Doesn’t this refer to OpenID rather than OpenID Connect? I’ve set both to false but I’m still able to log in via OpenID Connect.