From 3c704d0fbc47bf4f860999597d20e8b8ad314404 Mon Sep 17 00:00:00 2001
From: "J.P. Krauss" <jkrauss@asymworks.com>
Date: Sat, 16 Aug 2025 11:10:51 -0700
Subject: [PATCH] feat: add OpenID Connect auth provider configuration

---
 configuration.yaml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/configuration.yaml b/configuration.yaml
index ca30d6b..f3b041a 100644
--- a/configuration.yaml
+++ b/configuration.yaml
@@ -32,6 +32,19 @@ homeassistant:
   customize: !include include/customize.yaml
   packages: !include_dir_named packages
 
+# OpenID Connect
+auth_oidc:
+  display_name: KraussNet SSO
+  client_id: "hass"
+  discovery_url: "https://idm.kraussnet.com/oauth2/openid/hass/.well-known/openid-configuration"
+  features:
+    automatic_person_creation: false
+    automatic_user_linking: true
+  id_token_signing_alg: "ES256"
+  roles:
+    admin: "hass_admins@idm.kraussnet.com"
+    user: "hass_users@idm.kraussnet.com"
+
 # HTTP Access
 http:
   ip_ban_enabled: true