From 6aefe2d143e66efc4db85aa1ff3f5f1e412bec73 Mon Sep 17 00:00:00 2001 From: Peter Kuehne Date: Mon, 8 Jul 2024 17:29:40 +0100 Subject: [PATCH] website/integrations: add offline_access scope to DokuWiki (#10208) * Add offline_access scope to DokuWiki Since 2024.2, authentik requires the offline_access scope to be enabled and requested in order for DokuWiki to request a refresh token. Signed-off-by: Peter Kuehne * Update index.md Signed-off-by: Peter Kuehne --------- Signed-off-by: Peter Kuehne Co-authored-by: Marc 'risson' Schmitt --- website/integrations/services/dokuwiki/index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/website/integrations/services/dokuwiki/index.md b/website/integrations/services/dokuwiki/index.md index b84dd50a25..fd471cadbc 100644 --- a/website/integrations/services/dokuwiki/index.md +++ b/website/integrations/services/dokuwiki/index.md @@ -38,7 +38,7 @@ For _Oauthgeneric_: - plugin»oauthgeneric»tokenurl: https://authentik.company/application/o/token/ - plugin»oauthgeneric»userurl: https://authentik.company/application/o/userinfo/ - plugin»oauthgeneric»authmethod: Bearer Header -- plugin»oauthgeneric»scopes: email, openid, profile +- plugin»oauthgeneric»scopes: email, openid, profile, offline_access - plugin»oauthgeneric»needs-state: checked - plugin»oauthgeneric»json-user: preferred_username - plugin»oauthgeneric»json-name: name @@ -60,6 +60,8 @@ In authentik, under _Providers_, create an _OAuth2/OpenID Provider_ with these s Note the _client ID_ and _client secret_, then save the provider. If you need to retrieve these values, you can do so by editing the provider. +To prevent users from needing to log in again as soon as the access token expires, include the _offline_access_ scope in both authentik and DokuWiki. This scope allows DokuWiki to use refresh tokens. + ### Application In authentik, create an application which uses this provider. Optionally apply access restrictions to the application using policy bindings.