OpenID Connect (OIDC)
This page documents and guides you through setting up OpenID Connect (OIDC) for Zipline. For now the only documented OIDC provider is Authentik, but you can use any provider that implements the OIDC standard. Zipline has only been tested with Authentik, so if you encounter any issues with other providers, please open an issue.
Authentik
This will guide you through setting up an application and provider.
- Head over to your Authentik Admin Dashboard, and click on "Applications" in the sidebar.
- Click "Create with Wizard" to create a new application as well as a new provider. If this option is not available, you can create a new application and provider separately. The guide will assume you are using the wizard.
- Enter a name for your application, and click "Next".
- Select the "OAuth2/OIDC (Open Authorization/OpenID Connect)" option, and click "Next".
- Give the provider a name like "Zipline", and then select an Authorization Flow. You can select "default-provider-authorization-explicit-consent" for the default flow.
- Copy the "Client ID" and "Client Secret" from the "Protocol Settings" section, and save them for later.
- Fill out the "Redirect URIs" with the following URI: http(s)://<your domain>/api/auth/oauth/oidc
When clicking the "Login with OIDC" button, or linking your OIDC account, the host that Zipline uses for the redirect URL will be the same as the host that you accessed Zipline from. If you access Zipline from http://localhost:3000, the redirect URL will be http://localhost:3000/api/auth/oauth/oidc. If you are encountering issues with the redirect URL, you can set a custom redirect URL in the settings dashboard. This MUST have the /api/auth/oauth/oidc path at the end.
- Next, scroll down further and click on the "Advanced Protocol Settings" collapsible to expand it.
- Next to "Scopes", enable the offline_access scope. In order to do this you may have to hold Control and click on the offline_access scope. The email, openid, and profile scopes are also required.
- Click "Submit", and close out of the modal.
Configure Zipline
- Navigate to your Zipline instance and go to the settings dashboard, scroll down to the "OAuth" section.
- Paste the "Client ID" and "Client Secret" into the respective fields within the OIDC section.
For the OIDC Authorize URL: https://<authentik domain>/application/o/authorize/
For the OIDC Token URL: https://<authentik domain>/application/o/token/
For the OIDC User Info URL: https://<authentik domain>/application/o/userinfo/
After these fields are filled out (click Save to save your changes), you should see a "Login with OIDC" button on the login page, as well as the option to link your OIDC account in the manage account page.
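As an added pre-flight check (example code, not part of Zipline or the original page), the script below derives the redirect URL the same way the note above describes (host you accessed Zipline from, or a custom redirect URL that must end in /api/auth/oauth/oidc) and checks a settings dict against the Authentik URLs and required scopes listed in this guide. The dict keys (client_id, client_secret, authorize_url, token_url, user_info_url, scopes) are assumed names for this example, not Zipline's real setting identifiers.

```python
from urllib.parse import urlparse

# Scopes this guide requires on the Authentik provider.
REQUIRED_SCOPES = {"openid", "email", "profile", "offline_access"}
# Path Zipline's OIDC callback lives at; a custom redirect URL must end with it.
REDIRECT_PATH = "/api/auth/oauth/oidc"


def redirect_url_for_host(accessed_url: str, custom_redirect: str = "") -> str:
    """Return the redirect URL Zipline will send to the provider.

    Without a custom redirect URL, the host is taken from the URL the user
    accessed Zipline from; with one, it is used as-is after checking the path.
    """
    if custom_redirect:
        if urlparse(custom_redirect).path.rstrip("/") != REDIRECT_PATH:
            raise ValueError(f"custom redirect URL must end with {REDIRECT_PATH}")
        return custom_redirect
    parts = urlparse(accessed_url)
    return f"{parts.scheme}://{parts.netloc}{REDIRECT_PATH}"


def check_oidc_settings(cfg: dict, authentik_domain: str) -> list:
    """Return a list of problems found in an (assumed-shape) OIDC settings dict."""
    problems = []
    expected = {
        "authorize_url": f"https://{authentik_domain}/application/o/authorize/",
        "token_url": f"https://{authentik_domain}/application/o/token/",
        "user_info_url": f"https://{authentik_domain}/application/o/userinfo/",
    }
    for key, want in expected.items():
        got = cfg.get(key, "")
        if urlparse(got).scheme != "https":
            problems.append(f"{key}: must use https (got {got!r})")
        elif got != want:
            problems.append(f"{key}: expected {want}")
    # Client credentials copied from Authentik's "Protocol Settings" must be present.
    for key in ("client_id", "client_secret"):
        if not cfg.get(key):
            problems.append(f"{key}: empty")
    missing = REQUIRED_SCOPES - set(cfg.get("scopes", []))
    if missing:
        problems.append("missing scopes: " + ", ".join(sorted(missing)))
    return problems
```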
Other OIDC Providers
The guide above is specific to Authentik and may require modifications for other OIDC providers. While the overall steps and URL names will be similar, some details may differ.
If you're using a different OIDC provider, refer to their documentation to obtain the necessary details for configuring the Zipline settings dashboard.