# LDAP connector + Yunohost setup + staticClient as per manifest.json issuer: https://__DOMAIN____PATH__ storage: type: sqlite3 config: file: dex.db web: http: 127.0.0.1:__PORT__ frontend: issuer: dex logoURL: theme/logo.png dir: web/ theme: light connectors: - type: ldap name: OpenLDAP id: ldap config: host: localhost:389 # No TLS for this setup. insecureNoSSL: true insecureSkipVerify: true usernamePrompt: Username userSearch: baseDN: ou=users,dc=yunohost,dc=org filter: "(objectClass=InetOrgPerson)" username: uid idAttr: uid emailAttr: mail nameAttr: displayName groupSearch: baseDN: ou=groups,dc=yunohost,dc=org filter: "(objectClass=posixGroup)" userMatchers: - userAttr: uid groupAttr: memberUid nameAttr: cn # Unfortunately the api is too complex to be used here # As a consequence we have to setup client as staticClient, which means we will need one Dex instance per client app staticClients: - id: __OIDC_APP__ redirectURIs: - https://__OIDC_CALLBACK__ name: __OIDC_APP__ secret: __OIDC_SECRET__