From d9f03a92ee7715552f4bed11f40945d9d578ba32 Mon Sep 17 00:00:00 2001 From: Dan Allan Date: Fri, 17 Jan 2025 15:27:11 -0500 Subject: [PATCH] Add explanatory comment. Co-authored-by: Padraic Shafer <76011594+padraic-shafer@users.noreply.github.com> --- docs/source/explanations/security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/source/explanations/security.md b/docs/source/explanations/security.md index d42b670a5..c653baaa1 100644 --- a/docs/source/explanations/security.md +++ b/docs/source/explanations/security.md @@ -257,7 +257,7 @@ authentication: # The audience claim is checked by the OIDC Client (Tiled) # It checks that the Authentication header that you are passed has not been intercepted # And that elevated claims from other services do not apply here - audience: tiled # or similar + audience: tiled # something unique to ensure received headers are for you client_id: tiled_client client_secret: ${OIDC_CLIENT_SECRET} # referencing an environment variable well_known_uri: example.com/.well-known/openid-configuration