You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/configuration.md
+11Lines changed: 11 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -124,6 +124,17 @@ each setting controls. These values are set during installation and can be chang
124
124
|`security.enableRegistration`| Enable registration for visitors |`true`| Allows new users to register an account on the FAQ. |
125
125
|`security.domainWhiteListForRegistrations`| Allowed hosts for registrations |*(empty)*| A list of allowed email domains for new registrations. Leave empty to allow all domains. |
126
126
|`security.enableSignInWithMicrosoft`| Enable Sign in with Microsoft Entra ID |`false`| Enables authentication via Microsoft Entra ID (formerly Azure AD). |
127
+
|`keycloak.enable`| Enable Keycloak sign-in |`false`| Enables OpenID Connect authentication via Keycloak for the frontend and admin login forms. |
128
+
|`keycloak.baseUrl`| Keycloak base URL |*(empty)*| Base URL of the Keycloak server, for example `https://sso.example.com`. |
129
+
|`keycloak.realm`| Realm |*(empty)*| Keycloak realm used for phpMyFAQ authentication. |
130
+
|`keycloak.clientId`| Client ID |*(empty)*| OIDC client identifier configured in Keycloak. |
131
+
|`keycloak.clientSecret`| Client secret |*(empty)*| Client secret configured for the Keycloak OIDC client. |
132
+
|`keycloak.redirectUri`| Redirect URI |*(empty)*| Callback URL registered in the Keycloak client, usually `https://faq.example.com/auth/keycloak/callback`. |
|`keycloak.autoProvision`| Automatically create phpMyFAQ users on first Keycloak login |`false`| When enabled, phpMyFAQ creates a local user automatically if no matching account exists yet. |
135
+
|`keycloak.groupAutoAssign`| Automatically assign phpMyFAQ groups from Keycloak roles |`false`| When enabled and permission level `medium` is active, phpMyFAQ assigns users to groups derived from Keycloak roles on login. |
136
+
|`keycloak.groupMapping`| Role to group mapping |*(empty)*| JSON object mapping Keycloak role names to phpMyFAQ group names, for example `{"admin":"Administrators"}`. Unmapped roles keep their original name. |
137
+
|`keycloak.logoutRedirectUrl`| Logout redirect URL |*(empty)*| URL users should be redirected to after logging out from Keycloak. |
127
138
|`security.enableGoogleReCaptchaV2`| Enable Invisible Google ReCAPTCHA v2 |`false`| Enables Google reCAPTCHA v2 to protect forms from spam and abuse. |
128
139
|`security.googleReCaptchaV2SiteKey`| Google ReCAPTCHA v2 site key |*(empty)*| The site key from your Google reCAPTCHA v2 registration. |
129
140
|`security.googleReCaptchaV2SecretKey`| Google ReCAPTCHA v2 secret key |*(empty)*| The secret key from your Google reCAPTCHA v2 registration. |
$LANG_CONF['keycloak.scopes'] = ['input', 'Scopes', 'Leerzeichengetrennte Scopes, z.B. openid profile email'];
1704
1704
$LANG_CONF['keycloak.autoProvision'] = ['checkbox', 'phpMyFAQ-Benutzer beim ersten Keycloak-Login automatisch anlegen'];
1705
+
$LANG_CONF['keycloak.groupAutoAssign'] = ['checkbox', 'phpMyFAQ-Gruppen automatisch aus Keycloak-Rollen zuweisen'];
1706
+
$LANG_CONF['keycloak.groupMapping'] = ['input', 'Rollen-zu-Gruppen-Zuordnung', 'JSON-Objekt zur Abbildung von Keycloak-Rollen auf phpMyFAQ-Gruppennamen, z.B. {"admin":"Administratoren"}'];
1705
1707
$LANG_CONF['keycloak.logoutRedirectUrl'] = ['input', 'Logout-Redirect-URL', 'URL für die Weiterleitung nach dem Keycloak-Logout'];
Copy file name to clipboardExpand all lines: phpmyfaq/translations/language_en.php
+2Lines changed: 2 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -1694,6 +1694,8 @@
1694
1694
$LANG_CONF['keycloak.redirectUri'] = ['input', 'Redirect URI', 'Callback URL registered in the Keycloak client'];
1695
1695
$LANG_CONF['keycloak.scopes'] = ['input', 'Scopes', 'Space-separated scopes, e.g. openid profile email'];
1696
1696
$LANG_CONF['keycloak.autoProvision'] = ['checkbox', 'Automatically create phpMyFAQ users on first Keycloak login'];
1697
+
$LANG_CONF['keycloak.groupAutoAssign'] = ['checkbox', 'Automatically assign phpMyFAQ groups from Keycloak roles'];
1698
+
$LANG_CONF['keycloak.groupMapping'] = ['input', 'Role to group mapping', 'JSON object mapping Keycloak roles to phpMyFAQ group names, e.g. {"admin":"Administrators"}'];
1697
1699
$LANG_CONF['keycloak.logoutRedirectUrl'] = ['input', 'Logout redirect URL', 'URL to redirect to after Keycloak logout'];
0 commit comments