XWiki Configuration

  • Note: the following applies to Windows configuration

  • Log into your XWiki admin account and go to the Administer Wiki section

  • Go to the Extensions tab and install the OpenID Connect Authenticator extension

  • Edit the xwiki.cfg file and write the following line :

  • Edit the xwiki.properties file and write the following lines:

  • Reboot your XWiki server to take modifications into account


  • This documentation applies if you have the standard flavor. If you have another flavor, the graphical user interface may differ

  • oidc.scope parameter can be adapted to suit your needs

  • For SSO to work with existing users, the field User on XWiki has to match their Trustelem email

  • To disable Single Sign-On, change the oidc.skipped=false line to oidc.skipped=true

Trustelem Configuration

  • On Trustelem, write your XWiki server URL in the corresponding field

Roles Configuration

  • If you want to map your Trustelem roles with XWiki’s ones you need to edit the xwiki.properties file and add these lines:

  • The second line must be added for each mapping you want to do

  • On Trustelem, you need to add these lines in the Custom claims script section:

  • You can also send more attributes to XWiki by adding these lines in the Custom claims script section (one line per attribute sent):

  • These attributes can then be used in XWiki, for example if you want to change usernames to email-attribute1, you’ll need to edit xwiki.properties and write: