diff mod_http_oauth2/README.md @ 6207:ab14e7ecb82f

mod_http_oauth2: Allow JIDs as username for password grant
author magicfelix <felix@felix-zauberer.de>
date Sat, 19 Apr 2025 20:32:37 +0200
parents fe081789f7b5
children 8108aec64fb9
line wrap: on
line diff
--- a/mod_http_oauth2/README.md	Sat Apr 19 18:30:57 2025 +0200
+++ b/mod_http_oauth2/README.md	Sat Apr 19 20:32:37 2025 +0200
@@ -86,6 +86,15 @@
 oauth2_security_policy = "default-src 'self'" -- this is the default
 ```
 
+For the Resource Owner Password Grant the `username` is expected to be the only
+localpart by default.  If the OAuth client includes the domainpart in the
+`username` it submits (e.g. user@example.org instead of just user), set this to
+`true`. Note that this requires all clients to follow this format.
+
+```lua
+oauth2_expect_username_jid = false
+```
+
 ### Token parameters
 
 The following options configure the lifetime of tokens issued by the module.