authelia.mdx (#126)

pages/docs/configuration/authentication/OAuth2-OIDC/authelia.mdx

@@ -0,0 +1,41 @@
+---
+title: Authelia
+description: Learn how to configure LibreChat to use Authelia for user authentication.
+---
+
+# Authelia
+
+- Generate a client secret using:
+  ```
+  docker run authelia/authelia:latest authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986
+  ```
+- Then in your `configuration.yml` add the following in the oidc section:
+  ```bash filename="configuration.yml"
+    - id: librechat
+      description: LibreChat
+      secret: '$pbkdf2-GENERATED_SECRET_KEY_HERE'
+      public: false
+      authorization_policy: two_factor
+      redirect_uris:
+        - 'https://LIBRECHAT.URL/oauth/openid/callback'
+      scopes:
+        - openid
+        - profile
+        - email
+      userinfo_signing_algorithm: none
+  ```
+- Then restart Authelia
+
+# LibreChat
+
+- Open the `.env` file in your project folder and add the following variables:
+  ```bash filename=".env"
+  ALLOW_SOCIAL_LOGIN=true
+  OPENID_BUTTON_LABEL='Log in with Authelia'
+  OPENID_ISSUER=https://auth.example.com
+  OPENID_CLIENT_ID=librechat
+  OPENID_CLIENT_SECRET=ACTUAL_GENERATED_SECRET_HERE
+  OPENID_SESSION_SECRET=ANY_RANDOM_STRING
+  OPENID_CALLBACK_URL=https://auth.example.com/api/oidc/authorization
+  OPENID_SCOPE="openid profile email"
+  ```