LubeLogger uses the user's email address to authenticate against a registered user, the email address provided by the OIDC provider must match the email address of the user in the system.
If the user is attempting to login via OIDC but does not have an account with LubeLogger, they will be prompted for a registration token and to set up a username which will then allow them to log in. Note that the registration token is only required for their first time logging in.
+
+
### Advanced Troubleshooting
+
+
::: warning
+
# Future Feature
+
The following sections describes a feature only available in 1.4.6 and above
+
:::
+
+
The Remote Auth Debug feature is helpful for diagnosing OIDC-related issues, here's how to use it:
+
+
1. Set `OpenIDConfig__RedirectURL` to `https://yourlubeloggerdomain/Login/RemoteAuthDebug`
+
2. Configure your OpenID Provider so that `https://yourlubeloggerdomain/Login/RemoteAuthDebug` is a valid Redirect URL
+
3. Login using OIDC, instead of being redirected to login, you will be redirected to a page that displays checks and results.
+
+
Example scenarios(details redacted for obvious reasons):
+
+
All checks passed and a user is identified:
+
+
+
+
All checks passed but no user is identified with the email(will be redirected to register)
+
+
+
+
Failed State Validation and Expired OpenID Code:
+
+
+
+
Failed Claim Validation(no email returned from OpenID Provider):
