zelo72
/
documentation
mirror of https://github.com/mastodon/documentation
1
0
Fork 0
Code Issues 6 Releases Wiki Activity

Add documentation for `ALLOW_UNSAFE_AUTH_PRODIVER_REATTACH`

This commit is contained in:
Claire 2024-02-23 14:54:31 +01:00 committed by GitHub
parent bdf33a15f2
commit a7aca1aa32
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
content/en/admin/config.md
View File

@ -643,6 +643,12 @@ Value of the `CACHE_BUSTER_SECRET_HEADER` header configured above.
### OmniAuth
#### `ALLOW_UNSAFE_AUTH_PROVIDER_REATTACH`
Allow existing users to log in using external authentication providers they have not previously used, provided they use the same e-mail address. This can be useful if you want to offer users the ability to migrate from one external provider to another, but this is a potential security risk, as this allows attackers to hijack an account if they manage to create a new identity with their target's e-mail address on any of your configured providers.
**Version history:**\
4.2.6 - added
#### `OMNIAUTH_ONLY`
#### `ONE_CLICK_SSO_LOGIN`