Commit a0c2b587 authored by ale's avatar ale
Browse files

Document the allowed_cors_origins option

parent a64b4480
......@@ -31,6 +31,10 @@ attributes:
destination pairs (dictionaries with `src_regexp` and `dst_regexp`
attributes). Exchange requests will only be allowed if source and
destination SSO services both match one of these pairs.
* `allowed_cors_origins`: a list of "origins" (path-less URLs) for
CORS (Cross-Origin Resource Sharing) used to set
Access-Control-Allow-Origin headers; allows some sites to refresh
their SSO credentials on secondary or asynchronous requests
* `service_ttls`: a list of dictionaries used to set time-to-live for
SSO tickets for specific services. Each dictionary should have the
following attributes:
......@@ -71,7 +75,8 @@ attributes:
* `tls`: server-side TLS configuration
* `cert`: path to the server certificate
* `key`: path to the server's private key
* `ca`: path to the CA used to validate clients
* `ca`: path to the CA used to validate clients; if set, clients
will be required to send a certificate (mTLS)
* `acl`: TLS-based access controls, a list of entries with the
following attributes:
* `path` is a regular expression to match the request URL path
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment