diff --git a/terraform/authentik/oauth2-apps.tfvars b/terraform/authentik/oauth2-apps.tfvars index 31f3f24..1d196e8 100644 --- a/terraform/authentik/oauth2-apps.tfvars +++ b/terraform/authentik/oauth2-apps.tfvars @@ -125,18 +125,38 @@ oauth_applications = { signing_key = "1b1b5bec-034a-4d96-871a-133f11322360" } - "home-assistant" = { - name = "Home Assistant" - slug = "home-assistant" + "home-assistant-lms" = { + name = "Home Assistant LMS" + slug = "home-assistant-lms" group = "Internal" - meta_description = "Home Assistant" + meta_description = "Home Assistant Limassol" meta_icon = "https://img.icons8.com/stickers/100/smart-home-automation.png" redirect_uris = [ "http://ha-lms:8123/auth/oidc/callback", "http://ha-lms.homenet:8123/auth/oidc/callback", + ] + meta_launch_url = "http://ha-lms:8123/auth/oidc/welcome" + client_type = "confidential" + include_claims_in_id_token = true + access_code_validity = "minutes=1" + access_token_validity = "minutes=5" + refresh_token_validity = "days=30" + scope_mappings = ["openid", "profile", "email"] + access_groups = ["admins"] + create_group = true + signing_key = "1b1b5bec-034a-4d96-871a-133f11322360" + } + "home-assistant-london" = { + name = "Home Assistant London" + slug = "home-assistant-london" + group = "Internal" + meta_description = "Home Assistant London" + meta_icon = "https://img.icons8.com/stickers/100/smart-home-automation.png" + redirect_uris = [ "http://ha-london:8123/auth/oidc/callback", "http://ha-london.tail2fe2d.ts.net:8123/auth/oidc/callback", ] + meta_launch_url = "http://ha-london:8123/auth/oidc/welcome" client_type = "confidential" include_claims_in_id_token = true access_code_validity = "minutes=1"