Features/Platform/OIDC Auth
verified_userOIDC Protocol Enabled

Your Identity.
Your Way.

OpenID Connect authentication with Authorization Code flow and PKCE. Connect Google, GitHub, Microsoft, or any standard OIDC provider.

.env — OIDC Configuration
# OpenID Connect Provider
OPENID_CLIENT_ISSUER=https://accounts.google.com
OPENID_CLIENT_ID=your-client-id.apps.googleusercontent.com
OPENID_CLIENT_SECRET=GOCSPX-********
OPENID_PROMPT=consent

# Claim mapping
OPENID_USERNAME_CLAIM=preferred_username
OPENID_LOCALE_CLAIM=locale
OPENID_SCOPE=openid email profile

# PKCE is enabled by default
# Redirect URL: https://play.yourdomain.com/openid-callback

Enterprise Grade Auth

group

SSO Integration

One-click login with Google, GitHub, Microsoft, or any OIDC provider. Authorization Code flow with PKCE.

hub

Custom OIDC Providers

Bring your own identity server. Supports any standard OpenID Connect endpoint with configurable scopes and claims.

fork_right

Role Mapping

Map identity provider claims to universe roles using configurable claim attributes for usernames and locale.

lock_open

Secure by Default

Authorization Code flow with PKCE. JWT validation, state parameter protection, and code verifier challenge.

Ready to secure your world?

Connect your identity provider and get started with OIDC authentication in minutes.