From d0f8fbdc27300a101b8d614763ff046b79f4b07e Mon Sep 17 00:00:00 2001
From: erikjohnston <erikjohnston@users.noreply.github.com>
Date: Tue, 2 Apr 2024 17:46:21 +0000
Subject: deploy: ca27b516656223150d218bdd838df302fedf838c

---
 latest/usage/configuration/config_documentation.html | 6 ++++++
 1 file changed, 6 insertions(+)

(limited to 'latest/usage/configuration')

diff --git a/latest/usage/configuration/config_documentation.html b/latest/usage/configuration/config_documentation.html
index c8643d76bc..c3bde7a4de 100644
--- a/latest/usage/configuration/config_documentation.html
+++ b/latest/usage/configuration/config_documentation.html
@@ -2982,6 +2982,10 @@ not included in <code>scopes</code>. Set to <code>userinfo_endpoint</code> to al
 userinfo endpoint.</p>
 </li>
 <li>
+<p><code>additional_authorization_parameters</code>: String to string dictionary that will be passed as
+additional parameters to the authorization grant URL.</p>
+</li>
+<li>
 <p><code>allow_existing_users</code>: set to true to allow a user logging in via OIDC to
 match a pre-existing account instead of failing. This could be used if
 switching from password logins to OIDC. Defaults to false.</p>
@@ -3113,6 +3117,8 @@ claim MUST contain &quot;admin&quot;.</p>
     token_endpoint: &quot;https://accounts.example.com/oauth2/token&quot;
     userinfo_endpoint: &quot;https://accounts.example.com/userinfo&quot;
     jwks_uri: &quot;https://accounts.example.com/.well-known/jwks.json&quot;
+    additional_authorization_parameters:
+      acr_values: 2fa
     skip_verification: true
     enable_registration: true
     user_mapping_provider:
-- 
cgit 1.5.1