LoadModule auth_openidc_module modules/mod_auth_openidc.so

OIDCProviderMetadataURL ${SP_OIDC_PROVIDER_METADATA_URL} #http://portal.mse.local:8000/auth/.well-known/openid-configuration
OIDCClientID ${SP_OIDC_CLIENT_NAME} #mse
OIDCClientSecret ${SP_OIDC_CLIENT_SERCRET} #$mse&123456$
OIDCProviderTokenEndpointAuth client_secret_basic
OIDCCookieSameSite On
OIDCSessionType client-cookie
OIDCXForwardedHeaders X-Forwarded-Host
# OIDCRedirectURI is a vanity URL that must point to a path protected by this module but must NOT point to any content
OIDCRedirectURI  ${SP_OIDC_REDIRECT_URI} #http://portal.mse.local:8000/protected/redirect_uri
OIDCCryptoPassphrase ${SP_OIDC_CRYPTO_PASSPHRASE} #$mse&123456$
OIDCOAuthAcceptTokenAs header
OIDCUnAutzAction 302 ${SP_OIDC_ERROR_URI} #http://portal.mse.local:8000/erreur?msg=mod_auth_fail