Settings

This document describes the Django settings that can be used to customize the configuration of mozilla-django-oidc.

OIDC_OP_AUTHORIZATION_ENDPOINT
Default: No default

URL of your OpenID Connect provider authorization endpoint.

OIDC_OP_TOKEN_ENDPOINT
Default: No default

URL of your OpenID Connect provider token endpoint.

OIDC_OP_USER_ENDPOINT
Default: No default

URL of your OpenID Connect provider userinfo endpoint.

OIDC_RP_CLIENT_ID
Default: No default

OpenID Connect client ID provided by your OP.

OIDC_RP_CLIENT_SECRET
Default: No default

OpenID Connect client secret provided by your OP.

OIDC_VERIFY_JWT
Default: True

Controls whether the OpenID Connect client verifies the signature of the JWT tokens.

OIDC_USE_NONCE
Default: True

Controls whether the OpenID Connect client uses nonce verification.

OIDC_VERIFY_SSL
Default: True

Controls whether the OpenID Connect client verifies the SSL certificate of the OP responses.

OIDC_EXEMPT_URLS
Default: []

A list of URL paths or Django view names. These, together with the mozilla-django-oidc URLs, are exempted from ID token renewal by the RenewIDToken middleware.

OIDC_CREATE_USER
Default: True

Enables or disables automatic user creation during authentication.

OIDC_STATE_SIZE
Default: 32

Sets the length of the random string used for OpenID Connect state verification.

OIDC_NONCE_SIZE
Default: 32

Sets the length of the random string used for OpenID Connect nonce verification.

OIDC_REDIRECT_FIELD_NAME
Default: next

Sets the GET parameter used to define the redirect URL after successful authentication.

OIDC_CALLBACK_CLASS
Default: mozilla_django_oidc.views.OIDCAuthenticationCallbackView

Allows you to substitute a custom class-based view to be used as OpenID Connect callback URL.

Note

When using a custom callback view, it is generally a good idea to subclass the default OIDCAuthenticationCallbackView and override the methods you want to change.

LOGIN_REDIRECT_URL
Default: /accounts/profile

Path to redirect to on successful login. If you don’t specify this, the default Django value will be used.

LOGIN_REDIRECT_URL_FAILURE
Default: /

Path to redirect to on an unsuccessful login attempt.

LOGOUT_REDIRECT_URL
Default: / (Django <= 1.9), None (Django 1.10+)

After the logout view has logged the user out, it redirects to this URL path.
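
The verification-related settings above (OIDC_VERIFY_JWT, OIDC_USE_NONCE, OIDC_VERIFY_SSL, OIDC_STATE_SIZE, OIDC_NONCE_SIZE) and the settings with no default can be checked before deployment. The following is an added example, not code from mozilla-django-oidc: the function name audit_oidc_settings, the rule that OP endpoints must be https URLs, the rule that sizes below the documented default are flagged, and the op.example.com values are all assumptions of this sketch.

```python
from urllib.parse import urlparse

# Settings the page lists with "No default": they must be set explicitly.
REQUIRED = (
    "OIDC_OP_AUTHORIZATION_ENDPOINT", "OIDC_OP_TOKEN_ENDPOINT",
    "OIDC_OP_USER_ENDPOINT", "OIDC_RP_CLIENT_ID", "OIDC_RP_CLIENT_SECRET",
)
# Documented defaults for the verification-related settings.
DEFAULTS = {
    "OIDC_VERIFY_JWT": True, "OIDC_USE_NONCE": True, "OIDC_VERIFY_SSL": True,
    "OIDC_STATE_SIZE": 32, "OIDC_NONCE_SIZE": 32,
}

def audit_oidc_settings(cfg):
    """Return a sorted list of (setting, problem) findings for a settings dict."""
    eff = {**DEFAULTS, **cfg}  # effective values once the defaults apply
    findings = []
    for name in REQUIRED:
        if not eff.get(name):
            findings.append((name, "required, has no default"))
        elif name.endswith("_ENDPOINT"):
            url = urlparse(eff[name])
            # Assumption of this audit: OP endpoints are absolute https URLs.
            if url.scheme != "https" or not url.netloc:
                findings.append((name, "not an absolute https URL"))
    for name in ("OIDC_VERIFY_JWT", "OIDC_USE_NONCE", "OIDC_VERIFY_SSL"):
        if eff[name] is not True:
            findings.append((name, "verification disabled"))
    for name in ("OIDC_STATE_SIZE", "OIDC_NONCE_SIZE"):
        if name == "OIDC_NONCE_SIZE" and eff["OIDC_USE_NONCE"] is not True:
            continue  # nonce is unused; the disabled check is already reported
        # Assumption of this audit: anything below the default is flagged.
        if not isinstance(eff[name], int) or eff[name] < DEFAULTS[name]:
            findings.append((name, "shorter than default of %d" % DEFAULTS[name]))
    return sorted(findings)

# Constructed sample configurations (op.example.com is a placeholder OP).
WEAK = {
    "OIDC_OP_AUTHORIZATION_ENDPOINT": "http://op.example.com/authorize",
    "OIDC_OP_TOKEN_ENDPOINT": "https://op.example.com/token",
    "OIDC_OP_USER_ENDPOINT": "https://op.example.com/userinfo",
    "OIDC_RP_CLIENT_ID": "example-client-id",
    "OIDC_VERIFY_SSL": False,
    "OIDC_STATE_SIZE": 8,
}
HARDENED = dict(WEAK, OIDC_RP_CLIENT_SECRET="read-from-secret-store",
                OIDC_OP_AUTHORIZATION_ENDPOINT="https://op.example.com/authorize",
                OIDC_VERIFY_SSL=True, OIDC_STATE_SIZE=32)

if __name__ == "__main__":
    for setting, problem in audit_oidc_settings(WEAK):
        print(f"{setting}: {problem}")
```

In a Django project the same function can be fed a dict built from the OIDC_* attributes of django.conf.settings and run as part of a deployment check.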