mirrors
/
authelia
mirror of https://github.com/authelia/authelia.git
0
0
Fork 0
Code Issues Projects Releases Wiki Activity
authelia/docs/content/integration/openid-connect/librechat/index.md

3.0 KiB
Raw Permalink Blame History

title description summary date draft images weight toc support seo
LibreChat Integrating LibreChat with the Authelia OpenID Connect 1.0 Provider. 2022-06-15T17:51:47+10:00 false
620 true
level versions integration
community true true
title description canonical noindex
false

Tested Versions

{{% oidc-common %}}

Assumptions

This example makes the following assumptions:

  • Application Root URL: https://librechat.{{< sitevar name="domain" nojs="example.com" >}}/
  • Application Session Secret: insecure_session_secret
  • Authelia Root URL: https://{{< sitevar name="subdomain-authelia" nojs="auth" >}}.{{< sitevar name="domain" nojs="example.com" >}}/
  • Client ID: librechat
  • Client Secret: insecure_secret

Note: The application session secret should be randomly generated in a similar fashion to the client secret, but should not be the same value as the session secret. Users should refer to LibreChat support for more information.

Some of the values presented in this guide can automatically be replaced with documentation variables.

{{< sitevar-preferences >}}

Configuration

Authelia

The following YAML configuration is an example Authelia [client configuration] for use with LibreChat which will operate with the application example:

identity_providers:
  oidc:
    ## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
    ## See: https://www.authelia.com/c/oidc
    clients:
      - client_id: 'librechat'
        client_name: 'LibreChat'
        client_secret: '$pbkdf2-sha512$310000$c8p78n7pUMln0jzvd4aK4Q$JNRBzwAo0ek5qKn50cFzzvE9RXV88h1wJn5KGiHrD0YKtZaR/nCb2CJPOsKaPK0hjf.9yHxzQGZziziccp6Yng'  # The digest of 'insecure_secret'.
        public: false
        authorization_policy: 'two_factor'
        redirect_uris:
          - 'https://librechat.{{< sitevar name="domain" nojs="example.com" >}}/oauth/openid/callback'
        scopes:
          - 'openid'
          - 'profile'
          - 'email'
        userinfo_signed_response_alg: 'none'

Application

To configure LibreChat to utilize Authelia as an [OpenID Connect 1.0] Provider:

  1. Add the following configuration variables:
ALLOW_SOCIAL_LOGIN=true
OPENID_BUTTON_LABEL=Log in with Authelia
OPENID_ISSUER=https://auth.{{< sitevar name="domain" nojs="example.com" >}}
OPENID_CLIENT_ID=librechat
OPENID_CLIENT_SECRET=insecure_secret
OPENID_SESSION_SECRET=insecure_session_secret
OPENID_CALLBACK_URL=https://auth.{{< sitevar name="domain" nojs="example.com" >}}/api/oidc/authorization
OPENID_SCOPE=openid profile email
OPENID_IMAGE_URL=https://www.authelia.com/images/branding/logo-cropped.png