General Role mapping {#if formError} {formError} {/if}

Basic settings

Name * formErrors.name = undefined} /> {#if formErrors.name}

{formErrors.name}

{/if}

Issuer URL * formErrors.issuerUrl = undefined} /> {#if formErrors.issuerUrl}

{formErrors.issuerUrl}

{/if}

formEnabled = checked === true} /> formEnabled = !formEnabled}> Enable this OIDC provider

Client credentials

Get these from your identity provider's application settings.

Client ID * formErrors.clientId = undefined} /> {#if formErrors.clientId}

{formErrors.clientId}

{/if}

Client secret {#if !isEditing}*{/if} formErrors.clientSecret = undefined} /> {#if formErrors.clientSecret}

{formErrors.clientSecret}

{/if}

Redirect settings

Redirect URI * formErrors.redirectUri = undefined} /> {#if formErrors.redirectUri}

{formErrors.redirectUri}

{:else}

Add this URI to your identity provider's allowed callback URLs.

{/if}

Scopes

Claim mapping

Map OIDC claims to user attributes.

Username claim

Email claim

Display name claim

{#if !isEnterprise}

Enterprise feature

Role mapping allows you to automatically assign Dockhand roles based on your identity provider's groups or claims. This feature requires an enterprise license.

{#if onNavigateToLicense} {/if}

{:else}

Groups/roles claim

Grant admin access based on claim values from your identity provider.

Claim name

Name of the claim containing roles/groups

Admin value(s)

Comma-separated values that grant Admin role

Claim to role mappings

Map claim values from your identity provider to Dockhand roles.

{#if formRoleMappings.length === 0}

No role mappings configured. Click "Add mapping" to create one.

{:else}

{#each formRoleMappings as mapping, index}

Claim value

Dockhand role { if (value) { updateRoleMappingRole(index, parseInt(value)); } }} > {#if mapping.role_id} {roles.find(r => r.id === mapping.role_id)?.name || 'Select role...'} {:else} Select role... {/if} {#each roles as role}

{role.name}

{/each}

{/if}