• 다음 명령어를 사용하여 클라이언트 시크릿(client secret)을 생성하세요:

  docker run --rm authelia/authelia:latest authelia crypto hash generate pbkdf2 --variant sha512 --random --random.length 72 --random.charset rfc3986

• 그런 다음 configuration.yml의 oidc 섹션에 다음을 추가하세요:

    - client_id: 'librechat'
      client_name: 'LibreChat'
      client_secret: '$pbkdf2-GENERATED_SECRET_KEY_HERE'
      public: false
      authorization_policy: 'two_factor'
      redirect_uris:
        - 'https://LIBRECHAT.URL/oauth/openid/callback'
      scopes:
        - 'openid'
        - 'profile'
        - 'email'
      userinfo_signing_algorithm: 'none'

• 그런 다음 Authelia를 재시작하세요

LibreChat

• 프로젝트 폴더에서 .env 파일을 열고 다음 변수들을 추가하세요:

  ALLOW_SOCIAL_LOGIN=true
  OPENID_BUTTON_LABEL='Log in with Authelia'
  OPENID_ISSUER=https://auth.example.com/.well-known/openid-configuration
  OPENID_CLIENT_ID=librechat
  OPENID_CLIENT_SECRET=ACTUAL_GENERATED_SECRET_HERE
  OPENID_SESSION_SECRET=ANY_RANDOM_STRING
  OPENID_CALLBACK_URL=/oauth/openid/callback
  OPENID_SCOPE="openid profile email"
  OPENID_IMAGE_URL=https://www.authelia.com/images/branding/logo-cropped.png
  # Optional: redirects the user to the end session endpoint after logging out
  OPENID_USE_END_SESSION_ENDPOINT=true
  
  # Maximum logout URL length before using logout_hint instead of id_token_hint (default: 2000)
  # OPENID_MAX_LOGOUT_URL_LENGTH=2000