summary refs log tree commit diff
path: root/docs/usage
diff options
context:
space:
mode:
authorMathieu Velten <mathieu.velten@beta.gouv.fr>2024-03-22 11:35:11 +0100
committerGitHub <noreply@github.com>2024-03-22 10:35:11 +0000
commitb7af076ab524c018992a05b031cd8e3533ab59d4 (patch)
tree5a2d86fc0e303ad2c0f6f37cbaf551627ca96d43 /docs/usage
parentDo not refuse to set read_marker if previous event_id is in wrong room (#16990) (diff)
downloadsynapse-b7af076ab524c018992a05b031cd8e3533ab59d4.tar.xz
Add OIDC config to add extra parameters to the authorize URL (#16971)
Diffstat (limited to 'docs/usage')
-rw-r--r--docs/usage/configuration/config_documentation.md5
1 files changed, 5 insertions, 0 deletions
diff --git a/docs/usage/configuration/config_documentation.md b/docs/usage/configuration/config_documentation.md
index 638a459ed5..985f90c8a1 100644
--- a/docs/usage/configuration/config_documentation.md
+++ b/docs/usage/configuration/config_documentation.md
@@ -3349,6 +3349,9 @@ Options for each entry include:
    not included in `scopes`. Set to `userinfo_endpoint` to always use the
    userinfo endpoint.
 
+* `additional_authorization_parameters`: String to string dictionary that will be passed as
+   additional parameters to the authorization grant URL.
+
 * `allow_existing_users`: set to true to allow a user logging in via OIDC to
    match a pre-existing account instead of failing. This could be used if
    switching from password logins to OIDC. Defaults to false.
@@ -3473,6 +3476,8 @@ oidc_providers:
     token_endpoint: "https://accounts.example.com/oauth2/token"
     userinfo_endpoint: "https://accounts.example.com/userinfo"
     jwks_uri: "https://accounts.example.com/.well-known/jwks.json"
+    additional_authorization_parameters:
+      acr_values: 2fa
     skip_verification: true
     enable_registration: true
     user_mapping_provider: