Example Configuration for Pocket ID SSO with Vaultwarden

[BobWs]

Hi everyone,

First, thank you for implementing SSO support in Vaultwarden! I’ve reviewed the wiki on setting up SSO, but I noticed there isn’t an example configuration for Pocket ID. I understand that not every SSO provider can be tested, but I’m curious if anyone in the community has successfully integrated Pocket ID with their Vaultwarden instance.

For context, I use Pocket ID for all my Docker applications that support OIDC SSO, and it works flawlessly. If you’ve set this up, I’d love to hear about your experience or see a sample configuration.

Thanks in advance for any insights!

[stefan0xC]

I have not tested it but this has been discussed before #6292

[Samaze123]

I saw that too but I couldn't make it work even when trying multiple things. An example config would be very helpful.

[Samaze123]

Oh my bad. After checking my config I clicked on restric in Pocket Id. It's now working perfectly.

[linksilva]

The SSO part on my docker compose:

SSO/OIDC Configuration (Pocket ID)

  SSO_ENABLED: true
  SSO_ONLY: true
  SSO_CLIENT_ID: ${POCKETID_CLIENT_ID}
  SSO_CLIENT_SECRET: ${POCKETID_CLIENT_SECRET}
  SSO_AUTHORITY: ${POCKETID_URL}
  SSO_PKCE: true
  SSO_SCOPES: "profile email openid"
  SSO_IDENTIFIER: pocketid

I had to force enable SSO and login from the admin page still otherwise it wouldn't show the "Use single sign-on". Before forcing the config I tested the auth by adding /#/sso to the URL to confirm it's all good.