OpenID documentation wrong / providers not working #2207

New Issue

GiteaMirror · 2026-03-22T13:57:23-05:00

GiteaMirror commented

2026-03-22 13:57:23 -05:00

Originally created by @regnerisch on GitHub (Apr 3, 2025).

Description

I created a config.yml like described in the documentation:

auth:
  openid:
    enabled: true
    providers:
      pocketid:
        name: "Pocket ID"
        authurl: ".../authorize"
        clientid: "..."
        clientsecret: "..."

Also the code seems to support that (valid) yaml. But I always get an internal server error (https://my-domain.com/api/v1/info)

If I change the providers to an array instead of an object (which is not documented but shown in many examples)
I do not get an error, but the openid_providers inside the API-info endpoint is an empty array. Which is also wrong. I am not able to sign up or login with my OIDC provider as the frontend just shows the normal login/sign up page.

auth:
  openid:
    enabled: true
    providers:
      - name: "Pocket ID"
         authurl: ".../authorize"
         clientid: "..."
         clientsecret: "..."

I'm pretty sure this is not intended. This need to be fixed inside the code and the documentation must be updated too. It sould be an array or an object and should be consistant between the config documentation and examples.

Vikunja Version

0.24.6

Browser and version

No response

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

No response

Originally created by @regnerisch on GitHub (Apr 3, 2025). ### Description I created a config.yml like described in the documentation: ```yaml auth: openid: enabled: true providers: pocketid: name: "Pocket ID" authurl: ".../authorize" clientid: "..." clientsecret: "..." ``` Also the code seems to support that (valid) yaml. But I always get an internal server error (https://my-domain.com/api/v1/info) If I change the providers to an array instead of an object (which is not documented but shown in many examples) I do not get an error, but the `openid_providers` inside the API-info endpoint is an empty array. Which is also wrong. I am not able to sign up or login with my OIDC provider as the frontend just shows the normal login/sign up page. ```yaml auth: openid: enabled: true providers: - name: "Pocket ID" authurl: ".../authorize" clientid: "..." clientsecret: "..." ``` I'm pretty sure this is not intended. This need to be fixed inside the code and the documentation must be updated too. It sould be an array or an object and should be consistant between the config documentation and examples. ### Vikunja Version 0.24.6 ### Browser and version _No response_ ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots _No response_

GiteaMirror closed this issue

2026-03-22 13:57:24 -05:00

GiteaMirror commented

2026-03-22 13:57:25 -05:00

@kolaente commented on GitHub (Apr 3, 2025):

The syntax in your very first example is the one in current unstable builds and the next release. The 0.24.6 release uses your second example.

If there is an error while accessing the info endpoint, there should be something in the logs.

@kolaente commented on GitHub (Apr 3, 2025): The syntax in your very first example is the one in current unstable builds and the next release. The 0.24.6 release uses your second example. If there is an error while accessing the info endpoint, there should be something in the logs.

GiteaMirror commented

2026-03-22 13:57:25 -05:00

@regnerisch commented on GitHub (Apr 4, 2025):

But when I use the syntax of version 0.24.6, why vikunja does not show the provider inside the info endpoint nor on sign up or sign in?

It's a little bit confusing that the documentation is for the unstable builds, maybe you consider versioning the documentation as well.

@regnerisch commented on GitHub (Apr 4, 2025): But when I use the syntax of version 0.24.6, why vikunja does not show the provider inside the info endpoint nor on sign up or sign in? It's a little bit confusing that the documentation is for the unstable builds, maybe you consider versioning the documentation as well.

GiteaMirror commented

2026-03-22 13:57:25 -05:00

@regnerisch commented on GitHub (Apr 4, 2025):

Okay I see what I did wrong. The auth.openid.providers.<provider>.authurl is NOT the authorization url of the provider, its just the url/domain where the provider is hosted as vikunja determin the right authorization url from the provider via the OIDC discovery url. Fixing that url, fixed the hole problem.

@regnerisch commented on GitHub (Apr 4, 2025): Okay I see what I did wrong. The `auth.openid.providers.<provider>.authurl` is NOT the authorization url of the provider, its just the url/domain where the provider is hosted as vikunja determin the right authorization url from the provider via the OIDC discovery url. Fixing that url, fixed the hole problem.

GiteaMirror commented

2026-03-22 13:57:26 -05:00

@blalor commented on GitHub (Jun 4, 2025):

I had this same issue. Thanks for detailing what you did, @regnerisch.

@blalor commented on GitHub (Jun 4, 2025): I had this same issue. Thanks for detailing what you did, @regnerisch.

GiteaMirror referenced this issue

2026-03-22 14:58:18 -05:00

[PR #2207] [MERGED] fix(auth): remove unnecessary fields from JWT token payloads #3992

GiteaMirror referenced this issue

2026-04-16 13:41:42 -05:00

[PR #2207] [MERGED] fix(auth): remove unnecessary fields from JWT token payloads #5533

GiteaMirror referenced this issue

2026-04-20 18:02:53 -05:00

[PR #2207] [MERGED] fix(auth): remove unnecessary fields from JWT token payloads #8117

GiteaMirror referenced this issue

2026-04-23 09:14:15 -05:00

[PR #2207] [MERGED] fix(auth): remove unnecessary fields from JWT token payloads #9833

Sign in to join this conversation.

Branches Tags

main

gh-readonly-queue/main/pr-2731-7800102f937efa5fbcec6262a1159beb4441caf7

feat-v2-foundation

spike-huma-openapi3

claude/investigate-swagger3-support-nyyUa

feat-list-view-buckets

ci-mysql-8-test

codex/analyze-codebase-for-email-task-feature

feat-project-templates

csv-import-feature

claude/email-reply-comments-wpdcQ

fix-oidc-pkce-support

fix/overview-subtasks-expand

feat/bucket-select-task-detail

feat-soft-delete-projects

claude/review-bot-design-plan-cf5C3

claude/project-scoped-api-tokens-KTqR3

claude/explore-openclaw-integration-KQEzg

claude/project-scoped-api-tokens-yv5KS

fix-duplicate-close-button

feat-list-view-sorting

feat/official-vite-sentry-plugin

feat/highlight-overdue-tasks

feat/add-enter-key-form-submission-handling

feat/TipTap-nits

feat/update-caldavtimetotimestamp-parsing

feat-phosphor-icons

wip-plans

claude/investigate-issue-2173-llKme

fix-description-text-drag

feat-custom-keyboard-shortcuts

pr-1845-ci

codex/fix-drag-and-drop-behavior-inconsistency

copilot/add-clickable-labels-for-filtering

copilot/fix-issue-1786

playwright-migration

fix-kanban-repeating-wip

copilot/fix-1498

feature/replace-axios

codex/upgrade-to-tailwind-4.1.8-using-pnpm

codex/add-cypress-test-for-avatar-types

feature/biome

feature/oxc

codex/update-flexsearch-to-0.8.205

4r6ni9-codex/fix-deprecated-sass-@import-usage

codex/fix-deprecated-sass-@import-usage

codex/add-cypress-test-for-task-list-refresh-fix

codex/fix-quick-add-magic-not-adding-tasks

codex/fix-all-type-errors

codex/fix-mimetype-for-docs.json

feature/caldav-from-scratch

feature/gh-actions-hetzner

fix-ci

feat/new-logger

jyte-better-dev-config

feat/add-team-member-with-enter

fix/button-and-icon-types

fix/notifications-component-name-collision

feature/null-time

renovate/tailwindcss-4.x

feature/unplugin-vue-router

fix/deprecated-import

feature/zod-schema

renovate/golangci-golangci-lint-1.x

fix/tiptap-editor-reactive-destructuring

release/0.24

feat/improve-add-task

fix/saved-filter-search

feat/webp-and-avif-attachment-previews

feature/migrate-back-to-bulma

fix/sass-add-missing-list-import

feature/sticky-demo-bar

fix/gantt-view-switch

feature/typesense-position-join

feature/focus-visible

dependencies/golangci-lint

feature/better-filter-syntax

fix/tiptap-task-list

renovate/github.com-golang-jwt-jwt-v4-5.x

feature/hide-forbidden-related-tasks

renovate/golang-1.x

release/0.20

release/0.17

release/0.16

release/0.15

release/0.14

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vikunja#2207