zelo72
/
documentation
mirror of https://github.com/mastodon/documentation
1
0
Fork 0
Code Issues 6 Releases Wiki Activity

Add documentation for `ALLOW_UNSAFE_AUTH_PRODIVER_REATTACH` (#1410)

This commit is contained in:
Claire 2024-02-27 18:31:39 +01:00 committed by GitHub
parent 899339ccad
commit 046da5d653
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
content/en/admin/config.md
View File

@ -652,6 +652,12 @@ Value of the `CACHE_BUSTER_SECRET_HEADER` header configured above.
### OmniAuth
#### `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH`
Allow existing users to log in using external authentication providers they have not previously used, provided they use the same e-mail address. This can be useful if you want to offer users the ability to migrate from one external provider to another, but this is a potential security risk, as this allows attackers to hijack an account if they manage to create a new identity with their target's e-mail address on any of your configured providers.
**Version history:**\
4.2.6 - added
#### `OMNIAUTH_ONLY`
#### `ONE_CLICK_SSO_LOGIN`