[pve-devel] [PATCH docs v4 1/1] fix #4234: add docs for openid optional userinfo request

Thomas Skinner thomas at atskinner.net
Mon Mar 24 04:37:33 CET 2025


Signed-off-by: Thomas Skinner <thomas at atskinner.net>
---
 pveum.adoc | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/pveum.adoc b/pveum.adoc
index 81565ab..0d74d1d 100644
--- a/pveum.adoc
+++ b/pveum.adoc
@@ -479,6 +479,14 @@ Another option is to use `email`, which also yields human readable
 usernames. Again, only use this setting if the server guarantees the
 uniqueness of this attribute.
 
+Advanced settings
+^^^^^^^^^^^^^^^^^
+
+* `Query userinfo endpoint` (`query-userinfo`): Enabling this option requires
+the OpenID Connect authenticator to query the "userinfo" endpoint for claim
+values. Disabling this option is useful for some identity providers that do not
+support the "userinfo" endpoint (e.g. ADFS).
+
 Examples
 ^^^^^^^^
 
-- 
2.39.5




More information about the pve-devel mailing list