stacklok
diff --git a/‎OIDC_SETUP.md‎
Lines changed: 0 additions & 81 deletions b/‎OIDC_SETUP.md‎
Lines changed: 0 additions & 81 deletions
diff --git a/‎dev-auth/README.md‎
Lines changed: 40 additions & 0 deletions b/‎dev-auth/README.md‎
Lines changed: 40 additions & 0 deletions
diff --git a/‎dev/oidc-provider.mjs‎ ‎dev-auth/oidc-provider.mjs‎dev/oidc-provider.mjs renamed to dev-auth/oidc-provider.mjs b/‎dev/oidc-provider.mjs‎ ‎dev-auth/oidc-provider.mjs‎dev/oidc-provider.mjs renamed to dev-auth/oidc-provider.mjs
diff --git a/‎package.json‎
Lines changed: 1 addition & 1 deletion b/‎package.json‎
Lines changed: 1 addition & 1 deletion
@@ -0,0 +1,40 @@
+# Local Development OIDC Provider
+
+This directory contains a simple OIDC provider for local development and testing.
+
+## What is it?
+
+A minimal OIDC-compliant identity provider built with `oidc-provider` that:
+- Automatically logs in a test user (`[email protected]`)
+- Auto-approves all consent requests
+- Supports standard OAuth 2.0 / OIDC flows
+
+## How to use
+
+Start the provider:
+```bash
+pnpm oidc
+```
+
+Or run it alongside the Next.js app:
+```bash
+pnpm dev
+```
+
+The provider runs on `http://localhost:4000` and is already configured in `.env.local`.
+
+## Configuration
+
+The provider is pre-configured with:
+- **Client ID**: `better-auth-dev`
+- **Client Secret**: `dev-secret-change-in-production`
+- **Test User**: `[email protected]` (Test User)
+- **Supported Scopes**: openid, email, profile
+- **Redirect URIs**: Ports 3000-3003 supported
+
+## For Production
+
+Replace this with a real OIDC provider (Okta, Keycloak, Auth0, etc.) by updating the environment variables in `.env.local`:
+- `OIDC_ISSUER_URL`
+- `OIDC_CLIENT_ID`
+- `OIDC_CLIENT_SECRET`
@@ -13,7 +13,7 @@
     "test": "vitest",
     "type-check": "tsc --noEmit",
     "prepare": "husky",
-    "oidc": "node dev/oidc-provider.mjs"
+    "oidc": "node dev-auth/oidc-provider.mjs"
   },
   "dependencies": {
     "better-auth": "1.4.0-beta.20",