Pocket-ID OIDC Provider Connection Issue

Support
1

I’m using ProxMox, and set up Vikunja… I’m loving it btw.

I’m trying to use Pocket-ID as my OIDC provider… On their own docs, they state it should work, in Vikunja docs, there’s no specific Pocket-ID example, but it follows pretty much authentik and everyone else. Whatever I do though, I can’t get the login option to show.

Here’s my config:


auth:
  local:
    enabled: true
  
  openid:
    enabled: true
    providers:
      - name: "pocket-id"
        authurl: "https://<auth>.<domain>.com/"
        clientid: "[CLIENT-ID]"
        clientsecret: "[SECRET]"
        scope: openid profile email

When I look at the ‘/api/v1/info’ this is what I get:

{
  "version": "v0.24.6",
  "frontend_url": "",
  "motd": "",
  "link_sharing_enabled": true,
  "max_file_size": "20MB",
  "registration_enabled": false,
  "available_migrators": [
    "vikunja-file",
    "ticktick"
  ],
  "task_attachments_enabled": true,
  "enabled_background_providers": [
    "upload",
    "unsplash"
  ],
  "totp_enabled": true,
  "legal": {
    "imprint_url": "",
    "privacy_policy_url": ""
  },
  "caldav_enabled": true,
  "auth": {
    "local": {
      "enabled": true
    },
    "openid_connect": {
      "enabled": true,
      "providers": []
    }
  },
  "email_reminders_enabled": true,
  "user_deletion_enabled": true,
  "task_comments_enabled": true,
  "demo_mode_enabled": false,
  "webhooks_enabled": true,
  "public_teams_enabled": false
}

I’ve been trying to get this to work for the better part of a day, and can’t seem to move forward. Any help would be greatly appreciated!

2

I’d say you need to double check that authurl

In authentik wiki, it does not just stop after the .com for instance.

3

I’m using pocket-id though… the full path is "https://<auth>.<domain>.com/.well-known/openid-configuration" but the Vikunja docs say to remove that last part.

4

Hello, I know it’s an old post, but if it could help other users to plug Pocket Id to Vakunja, this is my working config.yaml :

auth:
  local:
    enabled: false  # Disable local authentication if using OIDC only
  
  openid:
    enabled: true
    # Redirect URL must match your Vikunja public URL + /auth/openid/<provider-key>
    redirecturl: https://your.vakunja.example.com/auth/openid/pocketid
    
    providers:
      pocketid:  # Provider key (can be any name you choose)
        name: Pocket-Id  # Display name in the login interface
        scope: openid email profile  # Required OIDC scopes
        authurl: https://your-pocketid.example.com  # OIDC provider authorization endpoint
        logouturl: https://your-oidc-provider.example.com/api/oidc/end-session  # OIDC logout endpoint
        clientid: your-client-id-here  # OIDC client ID from your provider
        clientsecret: your-client-secret-here  # OIDC client secret from your provider
        forceuserinfo: true  # Force use of UserInfo endpoint for user data
        #usernamefallback: true  # Allow matching by username (use with caution)
        #emailfallback: true  # Allow matching by email (use with caution)