From 6eb291984bdcb1932115c613ed37e3ba1aa9480d Mon Sep 17 00:00:00 2001
From: Melroy Dsouza <meldsza@gmail.com>
Date: Fri, 25 Oct 2024 11:43:44 +0530
Subject: [PATCH] Document usage of 'issuerAlias' config in OIDC connector

Signed-off-by: Melroy Dsouza <meldsza@gmail.com>
---
 content/docs/connectors/oidc.md | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/content/docs/connectors/oidc.md b/content/docs/connectors/oidc.md
index 96f81e7..76246df 100644
--- a/content/docs/connectors/oidc.md
+++ b/content/docs/connectors/oidc.md
@@ -28,6 +28,12 @@ connectors:
     # See: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig
     issuer: https://accounts.google.com
 
+    # Some offspec providers like Azure, Oracle IDCS have oidc discovery url
+    # different from issuer url which causes issuerValidation to fail
+    # issuerAlias provides a way to override the Issuer url
+    # from the .well-known/openid-configuration issuer
+    # issuerAlias: https://accounts.google.com
+
     # Connector config values starting with a "$" will read from the environment.
     clientID: $GOOGLE_CLIENT_ID
     clientSecret: $GOOGLE_CLIENT_SECRET