fix(auth): add accountLinking trustedProviders for authentik (GRO-1509)
Betters Auth v1.5.6 link-account.mjs:22 rejects OAuth callbacks when the genericOAuth provider is not in trustedProviders AND email_verified is falsy. Adding authentik to trustedProviders bypasses this guard so OIDC login works for TF-created users whose emails were never verified through an authentik flow. Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
@@ -251,6 +251,10 @@ export async function initAuth(): Promise<void> {
|
|||||||
},
|
},
|
||||||
},
|
},
|
||||||
account: {
|
account: {
|
||||||
|
accountLinking: {
|
||||||
|
enabled: true,
|
||||||
|
trustedProviders: ["authentik"],
|
||||||
|
},
|
||||||
storeStateStrategy: "cookie" as const,
|
storeStateStrategy: "cookie" as const,
|
||||||
},
|
},
|
||||||
emailAndPassword: {
|
emailAndPassword: {
|
||||||
|
|||||||
Reference in New Issue
Block a user