Add OIDC instructions to MD files (#2)

steamwings · Zander · Zander · commit 4cf1ee0ea303 · 2026-01-23T19:37:07.000-05:00
Co-authored-by: Zander &lt;steamwings@outlook.com&gt;
diff --git a/docs/docker-deployment.md b/docs/docker-deployment.md
@@ -140,6 +140,16 @@ If you're using a provider other than AWS, you will also need some of the follow
 - `S3_REQUEST_CHECKSUM_CALCULATION`
 - `S3_RESPONSE_CHECKSUM_VALIDATION`
 
+#### OIDC / OAuth2 Authentication
+
+OIDC with a single provider is supported when the following variables are set.
+
+- `OIDC_ISSUER`
+- `OIDC_CLIENT_ID`
+- `OIDC_CLIENT_SECRET`
+
+If you'd like to hide the magic-link login flow, you can set `OIDC_REQUIRED=true`.
+
 #### Multi-tenant mode
 
 By default, when you run the Fizzy Docker image you'll be limited to creating a single account (although that account can have as many users as you like).
diff --git a/docs/kamal-deployment.md b/docs/kamal-deployment.md
@@ -111,3 +111,14 @@ Optional for S3-compatible endpoints:
 - `S3_REQUEST_CHECKSUM_CALCULATION` (defaults to `when_supported`)
 - `S3_RESPONSE_CHECKSUM_VALIDATION` (defaults to `when_supported`)
 
+### Configuring OIDC / OAuth2 authentication
+
+To enable OAuth2 login, set:
+
+- `OIDC_ISSUER`
+- `OIDC_CLIENT_ID`
+- `OIDC_CLIENT_SECRET`
+
+Optional:
+
+- `OIDC_REQUIRED` (defaults to `false`; set to `true` to hide magic link login)
