From 046da5d653719c0d2c0f5c3d99bc7ece3e8605d9 Mon Sep 17 00:00:00 2001 From: Claire Date: Tue, 27 Feb 2024 18:31:39 +0100 Subject: [PATCH] Add documentation for `ALLOW_UNSAFE_AUTH_PRODIVER_REATTACH` (#1410) --- content/en/admin/config.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/content/en/admin/config.md b/content/en/admin/config.md index dca13d17..68c0f75d 100644 --- a/content/en/admin/config.md +++ b/content/en/admin/config.md @@ -652,6 +652,12 @@ Value of the `CACHE_BUSTER_SECRET_HEADER` header configured above. ### OmniAuth +#### `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH` +Allow existing users to log in using external authentication providers they have not previously used, provided they use the same e-mail address. This can be useful if you want to offer users the ability to migrate from one external provider to another, but this is a potential security risk, as this allows attackers to hijack an account if they manage to create a new identity with their target's e-mail address on any of your configured providers. + +**Version history:**\ +4.2.6 - added + #### `OMNIAUTH_ONLY` #### `ONE_CLICK_SSO_LOGIN`
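Review bot: The new `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH` entry does not say which value enables the behaviour or what the default is, so a reader cannot tell from this section whether their instance is exposed to the account-hijack risk it describes. State the accepted value and the default directly under the heading. The description also packs the migration use case and the risk into one long sentence. Splitting it so the risk stands as its own sentence, and advising admins to unset the variable once a provider migration is finished, would make the warning harder to miss. Separately, the commit subject spells the name `ALLOW_UNSAFE_AUTH_PRODIVER_REATTACH`, which does not match the heading added in the hunk, so a search of the history for the variable name will not find this commit.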