identity_providers:
  oidc:
    ## The other portions of the mandatory OpenID Connect 1.0 configuration go here.
    ## See: https://www.authelia.com/c/oidc
    clients:
      - client_id: << see below to generate ClientID >>
        client_name: 'immich'
        client_secret: << see below to generale ClientSecret, put the digest here >>
        public: false
        authorization_policy: 'one_factor'
        redirect_uris:
          - 'https://immich.mydomain.com/auth/login'
          - 'https://immich.mydomain.com/user-settings'
          - 'app.immich:///oauth-callback'
        scopes:
          - 'openid'
          - 'profile'
          - 'email'
        userinfo_signed_response_alg: 'none'