.

stack.env

@@ -463,9 +463,9 @@ OPENID_ADMIN_ROLE=
 OPENID_ADMIN_ROLE_PARAMETER_PATH=
 OPENID_ADMIN_ROLE_TOKEN_KIND=
 # Set to determine which user info property returned from OpenID Provider to store as the User's username
-OPENID_USERNAME_CLAIM=
+OPENID_USERNAME_CLAIM=preferred_username
 # Set to determine which user info property returned from OpenID Provider to store as the User's name
-OPENID_NAME_CLAIM=
+OPENID_NAME_CLAIM=name
 # Optional audience parameter for OpenID authorization requests
 OPENID_AUDIENCE=
 OPENID_GENERATE_NONCE=true
@@ -478,17 +478,17 @@ OPENID_AUTO_REDIRECT=false
 # Set to true to use PKCE (Proof Key for Code Exchange) for OpenID authentication
 OPENID_USE_PKCE=false
 #Set to true to reuse openid tokens for authentication management instead of using the mongodb session and the custom refresh token.
-OPENID_REUSE_TOKENS=
+OPENID_REUSE_TOKENS=true
 #By default, signing key verification results are cached in order to prevent excessive HTTP requests to the JWKS endpoint.
 #If a signing key matching the kid is found, this will be cached and the next time this kid is requested the signing key will be served from the cache.
 #Default is true.
 OPENID_JWKS_URL_CACHE_ENABLED=
 OPENID_JWKS_URL_CACHE_TIME= # 600000 ms eq to 10 minutes leave empty to disable caching
 #Set to true to trigger token exchange flow to acquire access token for the userinfo endpoint.
-OPENID_ON_BEHALF_FLOW_FOR_USERINFO_REQUIRED=
+OPENID_ON_BEHALF_FLOW_FOR_USERINFO_REQUIRED=true
 OPENID_ON_BEHALF_FLOW_USERINFO_SCOPE="user.read" # example for Scope Needed for Microsoft Graph API
 # Set to true to use the OpenID Connect end session endpoint for logout
-OPENID_USE_END_SESSION_ENDPOINT=
+OPENID_USE_END_SESSION_ENDPOINT=true
 
 #========================#
 # SharePoint Integration #