From 66664a5925dd55c444067e40d27a2d51cf75cda0 Mon Sep 17 00:00:00 2001 From: poprhythm Date: Fri, 27 Feb 2026 03:08:30 +0000 Subject: [PATCH] Fix open-webui OIDC token auth method to client_secret_basic Open WebUI (authlib) sends credentials in the Authorization header (client_secret_basic), not the POST body. Authelia was rejecting it. --- authelia/config/configuration.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/authelia/config/configuration.yaml b/authelia/config/configuration.yaml index 3b7b5b9..796ea51 100644 --- a/authelia/config/configuration.yaml +++ b/authelia/config/configuration.yaml @@ -69,7 +69,7 @@ identity_providers: client_secret: '{{ secret "/config/secrets/oidc_open_webui" }}' public: false authorization_policy: one_factor - token_endpoint_auth_method: client_secret_post + token_endpoint_auth_method: client_secret_basic redirect_uris: - https://open-webui.kolpacksoftware.com/oauth/oidc/callback scopes: