Skip to main content

OIDC Authentication

Hocus supports OpenID Connect, so you can use your existing identity provider to authenticate to Hocus.

Configuration

To configure OIDC authentication, set the following environment variables on the control plane container (hocus-ui in the quickstart):

  • OIDC_ISSUER_BASE_URL - The base URL of your OIDC provider. For example, http://localhost:4200/realms/hocus for the default Keycloak provider.
  • OIDC_BASE_URL - The base URL of your Hocus instance. For example, if you followed the quickstart, http://localhost:3000/app.
  • OIDC_CLIENT_ID - The client ID of your OIDC client. For example, hocus for the default Keycloak client.
  • OIDC_CLIENT_SECRET - The client secret of your OIDC client.
  • OIDC_SECRET - A random string used to sign the session cookie.
  • OIDC_POST_LOGOUT_REDIRECT - The URL to redirect to after logging out. For example, http://localhost:3000/ for the quickstart.