You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: examples/official-site/sso/single_sign_on.md
+16-5Lines changed: 16 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -113,8 +113,19 @@ When deploying to production:
113
113
114
114
## Troubleshooting
115
115
116
-
- If login fails, check that the redirect URI matches exactly
117
-
- Verify that your client ID and secret are correct
118
-
- Make sure your `host` setting matches your application's URL
119
-
- For local development, use `http://localhost:8080` as the host
120
-
- For production, use your actual domain name
116
+
### Version Requirements
117
+
- OIDC support requires SQLPage **version 0.35 or higher**. Check your version in the logs.
118
+
119
+
### Common Configuration Issues
120
+
-**Redirect URI Mismatch**: The redirect URI in your OIDC provider settings must exactly match `https://your-domain.com/sqlpage/oidc_callback` (or `http://localhost:8080/sqlpage/oidc_callback` for local development)
121
+
-**Invalid Client Credentials**: Double-check your client ID and secret are copied correctly from your OIDC provider
122
+
-**Host Configuration**: The `host` setting in `sqlpage.json` must match your application's domain name exactly
123
+
-**HTTPS Requirements**: Most OIDC providers require HTTPS in production. Ensure your site is served over HTTPS.
124
+
-**Provider Discovery**: If SQLPage fails to discover your provider's configuration, verify the `oidc_issuer_url` is correct and accessible by loading `{oidc_issuer_url}/.well-known/openid-configuration` in your browser.
125
+
126
+
### Debugging Tips
127
+
- Check SQLPage's logs for detailed error messages. You can enable verbose logging with the `RUST_LOG=trace` environment variable.
128
+
- Verify your OIDC provider's logs for authentication attempts
129
+
- In production, confirm your domain name matches exactly in both the OIDC provider settings and `sqlpage.json`
130
+
- If [using a reverse proxy](/your-first-sql-website/nginx.sql), ensure it's properly configured to handle the OIDC callback path.
131
+
- If you have checked everything and you think the bug comes from SQLPage itself, [open an issue on our bug tracker](https://github.com/sqlpage/SQLPage/issues).
Copy file name to clipboardExpand all lines: examples/single sign on/README.md
+2-1Lines changed: 2 additions & 1 deletion
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -42,7 +42,8 @@ the [CAS protocol](https://apereo.github.io/cas/) (version 3.0), which is mostly
42
42
OIDC is an authentication protocol that allows users to authenticate with a third-party identity provider and then access applications without having to log in again. This is useful for single sign-on (SSO) scenarios where users need to access multiple applications with a single set of credentials.
43
43
OIDC can be used to implement a "Login with Google" or "Login with Facebook" button in your application, since these providers support the OIDC protocol.
44
44
45
-
SQLPage has built-in support for OIDC authentication. This project demonstrates how to use it with the free and open source [Keycloak](https://www.keycloak.org/) OIDC provider.
45
+
SQLPage has built-in support for OIDC authentication since v0.35.
46
+
This project demonstrates how to use it with the free and open source [Keycloak](https://www.keycloak.org/) OIDC provider.
46
47
You can easily replace Keycloak with another OIDC provider, such as Google, or your enterprise OIDC provider, by following the steps in the [Configuration](#configuration) section.
0 commit comments