Intro
Enabling SSO for all self-hosted services that support it has been one of the best decisions in my homelab. It has created a seamless “ecosystem” experience for my friends and family (mainly myself 🥲). The problem is that every time I logged in to my services, it prompted me with a consent form which I quickly grew tired of. To remove this consent page in all my connected OIDC clients, I enabled implicit consent.
Client Configuration
A typical client configuration may look like:
identity_providers:
oidc:
issuer_private_key: |
<private_key>
clients:
- id: <id>
description: <description>
secret: '<secret>'
public: false
authorization_policy: two_factor
redirect_uris:
- <redirect_url>
scopes:
- openid
- email
- profile
userinfo_signing_algorithm: noneTo enable implicit consent, you just have to add one line to the client config, like this:
identity_providers:
oidc:
issuer_private_key: |
<private_key>
clients:
- id: <id>
description: <description>
secret: '<secret>'
public: false
authorization_policy: two_factor
redirect_uris:
- <redirect_url>
scopes:
- openid
- email
- profile
userinfo_signing_algorithm: none
consent_mode: implicitDone!
After restarting Authelia, you will no longer be prompted to provide consent.