docs: misc fixes (#5462)

Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2023-05-20 10:11:50 +10:00 · 2023-05-20 10:11:50 +10:00 · 83c4cb8a94
parent 90c0bce3a4
commit 83c4cb8a94
47 changed files with 144 additions and 117 deletions
--- a/docs/content/en/blog/pre-release-notes-4.37/index.md
+++ b/docs/content/en/blog/pre-release-notes-4.37/index.md
@ -31,14 +31,14 @@ with all major proxies supported excluding Microsoft IIS.
 [Envoy]: https://www.envoyproxy.io/
 [Istio]: https://istio.io/
-## OpenID Connect Improvements
+## OpenID Connect 1.0 Improvements
-Several items from the [OpenID Connect Roadmap](../../roadmap/active/openid-connect.md) are being checked off in this
+Several items from the [OpenID Connect 1.0 Roadmap](../../roadmap/active/openid-connect.md) are being checked off in this
 release.
 ### Hashed Client Secrets
-We'll be supporting hashed OpenID Connect client secrets in this release. People will still be able to use plaintext
+We'll be supporting hashed OpenID Connect 1.0 client secrets in this release. People will still be able to use plaintext
 secrets if they wish however we'll be recommending people utilize PBKDF2, BCrypt or SHA512 SHA2CRYPT (see
 [Password Algorithms](#password-algorithms) for a full compatibility list). This doesn't change anything for OpenID
 Connect Relying Parties, it only requires a change in the Authelia configuration.
--- a/docs/content/en/configuration/identity-providers/introduction.md
+++ b/docs/content/en/configuration/identity-providers/introduction.md
@ -14,6 +14,6 @@ aliases:
  - /docs/configuration/identity-providers/
 ---
-## OpenID Connect
+## OpenID Connect 1.0
 The only identity provider implementation supported at this time is [OpenID Connect 1.0](openid-connect/provider.md).
--- a/docs/content/en/configuration/identity-providers/openid-connect/clients.md
+++ b/docs/content/en/configuration/identity-providers/openid-connect/clients.md
@ -16,8 +16,8 @@ This section covers specifics regarding configuring the providers registered cli
 provider specific configuration and information not related to clients see the [OpenID Connect 1.0 Provider](provider.md)
 documentation.
-More information about OpenID Connect can be found in the [roadmap](../../../roadmap/active/openid-connect.md) and in the
+More information about OpenID Connect 1.0 can be found in the [roadmap](../../../roadmap/active/openid-connect.md) and
-[integration](../../../integration/openid-connect/introduction.md) documentation.
+in the [integration](../../../integration/openid-connect/introduction.md) documentation.
 ## Configuration
--- a/docs/content/en/configuration/identity-providers/openid-connect/provider.md
+++ b/docs/content/en/configuration/identity-providers/openid-connect/provider.md
@ -299,9 +299,9 @@ Allows additional debug messages to be sent to the clients.
 This controls the minimum length of the `nonce` and `state` parameters.
 *__Security Notice:__* Changing this value is generally discouraged, reducing it from the default can theoretically
-make certain scenarios less secure. It is highly encouraged that if your OpenID Connect RP does not send these
+make certain scenarios less secure. It is highly encouraged that if your OpenID Connect 1.0 Relying Party does not send
-parameters or sends parameters with a lower length than the default that they implement a change rather than changing
+these parameters or sends parameters with a lower length than the default that they implement a change rather than
-this value.
+changing this value.
 ### enforce_pkce
--- a/docs/content/en/configuration/methods/environment.md
+++ b/docs/content/en/configuration/methods/environment.md
@ -16,7 +16,7 @@ Environment variables are applied after the configuration file meaning anything
 overrides the configuration files.
 *__Please Note:__ It is not possible to configure several sections at this time, these include but may not be
-limited to the rules section in access control, the clients section in the OpenID Connect identity provider, the cookies
+limited to the rules section in access control, the clients section in the OpenID Connect 1.0 Provider, the cookies
 section of in session, and the authz section in the server endpoints.*
 ## Prefix
--- a/docs/content/en/configuration/methods/files.md
+++ b/docs/content/en/configuration/methods/files.md
@ -63,9 +63,9 @@ authelia --config configuration.yml,config-acl.yml,config-other.yml
 Authelia's configuration files use the YAML format. A template with all possible options can be found at the root of the
 repository {{< github-link name="here" path="config.template.yml" >}}.
-*__Important Note:__ You should not have configuration sections such as Access Control Rules or OpenID Connect clients
+*__Important Note:__ You should not have configuration sections such as Access Control Rules or OpenID Connect 1.0
-configured in multiple files. If you wish to split these into their own files that is fine, but if you have two files that
+clients configured in multiple files. If you wish to split these into their own files that is fine, but if you have two
-specify these sections and expect them to merge properly you are asking for trouble.*
+files that specify these sections and expect them to merge properly you are asking for trouble.*
 ### Container
--- a/docs/content/en/configuration/miscellaneous/server-endpoints-authz.md
+++ b/docs/content/en/configuration/miscellaneous/server-endpoints-authz.md
@ -24,16 +24,24 @@ server:
    authz:
      forward-auth:
        implementation: 'ForwardAuth'
-        authn_strategies: []
+        authn_strategies:
          - name: 'HeaderProxyAuthorization'
          - name: 'CookieSession'
      ext-authz:
        implementation: 'ExtAuthz'
-        authn_strategies: []
+        authn_strategies:
          - name: 'HeaderProxyAuthorization'
          - name: 'CookieSession'
      auth-request:
        implementation: 'AuthRequest'
-        authn_strategies: []
+        authn_strategies:
          - name: 'HeaderAuthRequestProxyAuthorization'
          - name: 'CookieSession'
      legacy:
        implementation: 'Legacy'
-        authn_strategies: []
+        authn_strategies:
          - name: 'HeaderLegacy'
          - name: 'CookieSession'
 ```
 ## Name
--- a/docs/content/en/configuration/second-factor/webauthn.md
+++ b/docs/content/en/configuration/second-factor/webauthn.md
@ -89,6 +89,6 @@ Please see the [documentation](../prologue/common.md#duration) on this format fo
 This adjusts the requested timeout for a WebAuthn interaction.
-## FAQ
+## Frequently Asked Questions
-See the [Security Key FAQ](../../overview/authentication/security-key/index.md#faq) for the FAQ.
+See the [Security Key FAQ](../../overview/authentication/security-key/index.md#frequently-asked-questions) for the FAQ.
--- a/docs/content/en/configuration/storage/migrations.md
+++ b/docs/content/en/configuration/storage/migrations.md
@ -32,9 +32,9 @@ this instance if you wanted to downgrade to pre1 you would need to use an Authel
 |       1        |      4.33.0      |                                 Initial migration managed version                                  |
 |       2        |      4.34.0      | WebAuthn - added webauthn_devices table, altered totp_config to include device created/used dates  |
 |       3        |      4.34.2      |     WebAuthn - fix V2 migration kid column length and provide migration path for anyone on V2      |
-|       4        |      4.35.0      |               Added OpenID Connect storage tables and opaque user identifier tables                |
+|       4        |      4.35.0      |             Added OpenID Connect 1.0 storage tables and opaque user identifier tables              |
 |       5        |      4.35.1      | Fixed the oauth2_consent_session table to accept NULL subjects for users who are not yet signed in |
-|       6        |      4.37.0      |          Adjusted the OpenID Connect tables to allow pre-configured consent improvements           |
+|       6        |      4.37.0      |        Adjusted the OpenID Connect 1.0 tables to allow pre-configured consent improvements         |
 |       7        |      4.37.3      |       Fixed some schema inconsistencies most notably the MySQL/MariaDB Engine and Collation        |
 |       8        |      4.38.0      |                          OpenID Connect 1.0 Pushed Authorization Requests                          |
 |       9        |      4.38.0      | Fix a PostgreSQL NOT NULL constraint issue on the `aaguid` column of the `webauthn_devices` table  |
--- a/docs/content/en/contributing/development/environment.md
+++ b/docs/content/en/contributing/development/environment.md
@ -62,7 +62,7 @@ There is a scripting context provided with __Authelia__ which can easily be conf
 [suites] and various other tasks. Read more about it in the [authelia-scripts](reference-authelia-scripts.md) reference
 guide.
-## FAQ
+## Frequently Asked Questions
 ### Do you support development under Windows or OSX?
--- a/docs/content/en/integration/deployment/docker.md
+++ b/docs/content/en/integration/deployment/docker.md
@ -210,7 +210,7 @@ running the following command:
 grep -Eo '"https://.*" ' ./authelia/notification.txt.
 ```
-## FAQ
+## Frequently Asked Questions
 #### Running the Proxy on the Host Instead of in a Container
--- a/docs/content/en/integration/kubernetes/introduction.md
+++ b/docs/content/en/integration/kubernetes/introduction.md
@ -63,7 +63,7 @@ spec:
 ...
 ```
-## FAQ
+## Frequently Asked Questions
 ### RAM usage
--- a/docs/content/en/integration/openid-connect/_index.md
+++ b/docs/content/en/integration/openid-connect/_index.md
@ -1,6 +1,6 @@
 ---
-title: "OpenID Connect"
+title: "OpenID Connect 1.0"
-description: "OpenID Connect Integration"
+description: "OpenID Connect 1.0 Integration"
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/apache-guacamole/index.md
+++ b/docs/content/en/integration/openid-connect/apache-guacamole/index.md
@ -1,6 +1,6 @@
 ---
 title: "Apache Guacamole"
-description: "Integrating Apache Guacamole with the Authelia OpenID Connect Provider."
+description: "Integrating Apache Guacamole with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-07-31T13:09:05+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/argocd/index.md
+++ b/docs/content/en/integration/openid-connect/argocd/index.md
@ -1,6 +1,6 @@
 ---
 title: "Argo CD"
-description: "Integrating Argo CD with the Authelia OpenID Connect Provider."
+description: "Integrating Argo CD with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-07-13T04:27:30+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/bookstack/index.md
+++ b/docs/content/en/integration/openid-connect/bookstack/index.md
@ -1,6 +1,6 @@
 ---
 title: "BookStack"
-description: "Integrating BookStack with the Authelia OpenID Connect Provider."
+description: "Integrating BookStack with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/cloudflare-zerotrust/index.md
+++ b/docs/content/en/integration/openid-connect/cloudflare-zerotrust/index.md
@ -1,6 +1,6 @@
 ---
 title: "Cloudflare Zero Trust"
-description: "Integrating Cloudflare Zero Trust with the Authelia OpenID Connect Provider."
+description: "Integrating Cloudflare Zero Trust with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/firezone/index.md
+++ b/docs/content/en/integration/openid-connect/firezone/index.md
@ -1,6 +1,6 @@
 ---
 title: "Firezone"
-description: "Integrating Firezone with the Authelia OpenID Connect Provider."
+description: "Integrating Firezone with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2023-03-28T20:29:13+11:00
 draft: false
--- a/docs/content/en/integration/openid-connect/frequently-asked-questions.md
+++ b/docs/content/en/integration/openid-connect/frequently-asked-questions.md
@ -1,7 +1,7 @@
 ---
 title: "Frequently Asked Questions"
-description: "Frequently Asked Questions regarding integrating the Authelia OpenID Connect Provider with an OpenID Connect relying party"
+description: "Frequently Asked Questions regarding integrating the Authelia OpenID Connect 1.0 Provider with an OpenID Connect 1.0 Relying Party"
-lead: "Frequently Asked Questions regarding integrating the Authelia OpenID Connect Provider with an OpenID Connect relying party."
+lead: "Frequently Asked Questions regarding integrating the Authelia OpenID Connect 1.0 Provider with an OpenID Connect 1.0 Relying Party."
 date: 2022-10-20T15:27:09+11:00
 draft: false
 images: []
--- a/docs/content/en/integration/openid-connect/gitea/index.md
+++ b/docs/content/en/integration/openid-connect/gitea/index.md
@ -1,6 +1,6 @@
 ---
 title: "Gitea"
-description: "Integrating Gitea with the Authelia OpenID Connect Provider."
+description: "Integrating Gitea with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-07-01T13:07:02+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/gitlab/index.md
+++ b/docs/content/en/integration/openid-connect/gitlab/index.md
@ -1,6 +1,6 @@
 ---
 title: "GitLab"
-description: "Integrating GitLab with the Authelia OpenID Connect Provider."
+description: "Integrating GitLab with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/grafana/index.md
+++ b/docs/content/en/integration/openid-connect/grafana/index.md
@ -1,6 +1,6 @@
 ---
 title: "Grafana"
-description: "Integrating Grafana with the Authelia OpenID Connect Provider."
+description: "Integrating Grafana with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/harbor/index.md
+++ b/docs/content/en/integration/openid-connect/harbor/index.md
@ -1,6 +1,6 @@
 ---
 title: "Harbor"
-description: "Integrating Harbor with the Authelia OpenID Connect Provider."
+description: "Integrating Harbor with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/hashicorp-vault/index.md
+++ b/docs/content/en/integration/openid-connect/hashicorp-vault/index.md
@ -1,6 +1,6 @@
 ---
 title: "HashiCorp Vault"
-description: "Integrating HashiCorp Vault with the Authelia OpenID Connect Provider."
+description: "Integrating HashiCorp Vault with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/introduction.md
+++ b/docs/content/en/integration/openid-connect/introduction.md
@ -1,7 +1,7 @@
 ---
 title: "OpenID Connect"
-description: "An introduction into integrating the Authelia OpenID Connect Provider with an OpenID Connect relying party"
+description: "An introduction into integrating the Authelia OpenID Connect 1.0 Provider with an OpenID Connect 1.0 Relying Party"
-lead: "An introduction into integrating the Authelia OpenID Connect Provider with an OpenID Connect relying party."
+lead: "An introduction into integrating the Authelia OpenID Connect 1.0 Provider with an OpenID Connect 1.0 Relying Party."
 date: 2022-06-15T17:51:47+10:00
 draft: false
 images: []
@ -265,7 +265,7 @@ The following table describes the response from the [UserInfo] endpoint dependin
 ## Endpoint Implementations
 The following section documents the endpoints we implement and their respective paths. This information can
-traditionally be discovered by relying parties that utilize [OpenID Connect Discovery], however this information may be
+traditionally be discovered by relying parties that utilize [OpenID Connect Discovery 1.0], however this information may be
 useful for clients which do not implement this.
 The endpoints can be discovered easily by visiting the Discovery and Metadata endpoints. It is recommended regardless
@ -275,7 +275,7 @@ below.
 These tables document the endpoints we currently support and their paths in the most recent version of Authelia. The
 paths are appended to the end of the primary URL used to access Authelia. The tables use the url
-https://auth.example.com as an example of the Authelia root URL which is also the OpenID Connect issuer.
+https://auth.example.com as an example of the Authelia root URL which is also the OpenID Connect 1.0 Issuer.
 ### Well Known Discovery Endpoints
@ -283,12 +283,12 @@ These endpoints can be utilized to discover other endpoints and metadata about t
 |                 Endpoint                  |                              Path                               |
 |:-----------------------------------------:|:---------------------------------------------------------------:|
-|        [OpenID Connect Discovery]         |    https://auth.example.com/.well-known/openid-configuration    |
+|        [OpenID Connect Discovery 1.0]         |    https://auth.example.com/.well-known/openid-configuration    |
 | [OAuth 2.0 Authorization Server Metadata] | https://auth.example.com/.well-known/oauth-authorization-server |
 ### Discoverable Endpoints
-These endpoints implement OpenID Connect elements.
+These endpoints implement OpenID Connect 1.0 Provider specifications.
 |            Endpoint             |                              Path                              |          Discovery Attribute          |
 |:-------------------------------:|:--------------------------------------------------------------:|:-------------------------------------:|
@ -365,7 +365,7 @@ The advantages of this approach are as follows:
 [OpenID Connect 1.0]: https://openid.net/connect/
-[OpenID Connect Discovery]: https://openid.net/specs/openid-connect-discovery-1_0.html
+[OpenID Connect Discovery 1.0]: https://openid.net/specs/openid-connect-discovery-1_0.html
 [OAuth 2.0 Authorization Server Metadata]: https://datatracker.ietf.org/doc/html/rfc8414
 [JSON Web Key Set]: https://datatracker.ietf.org/doc/html/rfc7517#section-5
--- a/docs/content/en/integration/openid-connect/kasm-workspaces/index.md
+++ b/docs/content/en/integration/openid-connect/kasm-workspaces/index.md
@ -1,6 +1,6 @@
 ---
 title: "Kasm Workspaces"
-description: "Integrating Kasm Workspaces with the Authelia OpenID Connect Provider."
+description: "Integrating Kasm Workspaces with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2023-04-27T18:40:06+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/komga/index.md
+++ b/docs/content/en/integration/openid-connect/komga/index.md
@ -1,6 +1,6 @@
 ---
 title: "Komga"
-description: "Integrating Komga with the Authelia OpenID Connect Provider."
+description: "Integrating Komga with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-08-26T11:39:00+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/minio/index.md
+++ b/docs/content/en/integration/openid-connect/minio/index.md
@ -1,6 +1,6 @@
 ---
 title: "MinIO"
-description: "Integrating MinIO with the Authelia OpenID Connect Provider."
+description: "Integrating MinIO with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2023-03-21T11:21:23+11:00
 draft: false
--- a/docs/content/en/integration/openid-connect/misago/index.md
+++ b/docs/content/en/integration/openid-connect/misago/index.md
@ -1,6 +1,6 @@
 ---
 title: "Misago"
-description: "Integrating Misago with the Authelia OpenID Connect Provider."
+description: "Integrating Misago with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2023-03-14T08:51:13+11:00
 draft: false
--- a/docs/content/en/integration/openid-connect/nextcloud/index.md
+++ b/docs/content/en/integration/openid-connect/nextcloud/index.md
@ -1,6 +1,6 @@
 ---
 title: "Nextcloud"
-description: "Integrating Nextcloud with the Authelia OpenID Connect Provider."
+description: "Integrating Nextcloud with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/outline/index.md
+++ b/docs/content/en/integration/openid-connect/outline/index.md
@ -1,6 +1,6 @@
 ---
 title: "Outline"
-description: "Integrating Outline with the Authelia OpenID Connect Provider."
+description: "Integrating Outline with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-08-12T09:11:42+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/portainer/index.md
+++ b/docs/content/en/integration/openid-connect/portainer/index.md
@ -1,6 +1,6 @@
 ---
 title: "Portainer"
-description: "Integrating Portainer with the Authelia OpenID Connect Provider."
+description: "Integrating Portainer with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/proxmox/index.md
+++ b/docs/content/en/integration/openid-connect/proxmox/index.md
@ -1,6 +1,6 @@
 ---
 title: "Proxmox"
-description: "Integrating Proxmox with the Authelia OpenID Connect Provider."
+description: "Integrating Proxmox with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/seafile/index.md
+++ b/docs/content/en/integration/openid-connect/seafile/index.md
@ -1,6 +1,6 @@
 ---
 title: "Seafile"
-description: "Integrating Seafile with the Authelia OpenID Connect Provider."
+description: "Integrating Seafile with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/synapse/index.md
+++ b/docs/content/en/integration/openid-connect/synapse/index.md
@ -1,6 +1,6 @@
 ---
 title: "Synapse"
-description: "Integrating Synapse with the Authelia OpenID Connect Provider."
+description: "Integrating Synapse with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-06-15T17:51:47+10:00
 draft: false
--- a/docs/content/en/integration/openid-connect/synology-dsm/index.md
+++ b/docs/content/en/integration/openid-connect/synology-dsm/index.md
@ -1,6 +1,6 @@
 ---
 title: "Synology DSM"
-description: "Integrating Synology DSM with the Authelia OpenID Connect Provider."
+description: "Integrating Synology DSM with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2022-10-18T21:22:13+11:00
 draft: false
--- a/docs/content/en/integration/openid-connect/tailscale/index.md
+++ b/docs/content/en/integration/openid-connect/tailscale/index.md
@ -1,6 +1,6 @@
 ---
 title: "Tailscale"
-description: "Using Authelia as the Tailscale OpenID Connect Provider."
+description: "Integrating Tailscale with the Authelia OpenID Connect 1.0 Provider."
 lead: ""
 date: 2023-04-23T10:06:28+10:00
 draft: false
--- a/docs/content/en/integration/proxies/nginx.md
+++ b/docs/content/en/integration/proxies/nginx.md
@ -466,14 +466,6 @@ and is paired with [authelia-location.conf](#authelia-locationconf).*
 ## Send a subrequest to Authelia to verify if the user is authenticated and has permission to access the resource.
 auth_request /internal/authelia/authz;
 ## Save the upstream authorization response headers from Authelia to variables.
 auth_request_set $authorization $upstream_http_authorization;
 auth_request_set $proxy_authorization $upstream_http_proxy_authorization;
 ## Inject the authorization response headers from the variables into the request made to the backend.
 proxy_set_header Authorization $authorization;
 proxy_set_header Proxy-Authorization $proxy_authorization;
 ## Save the upstream metadata response headers from Authelia to variables.
 auth_request_set $user $upstream_http_remote_user;
 auth_request_set $groups $upstream_http_remote_groups;
@ -486,10 +478,6 @@ proxy_set_header Remote-Groups $groups;
 proxy_set_header Remote-Email $email;
 proxy_set_header Remote-Name $name;
 ## Include the Set-Cookie header if present.
 auth_request_set $cookie $upstream_http_set_cookie;
 add_header Set-Cookie $cookie;
 ## Configure the redirection when the authz failure occurs. Lines starting with 'Modern Method' and 'Legacy Method'
 ## should be commented / uncommented as pairs. The modern method uses the session cookies configuration's authelia_url
 ## value to determine the redirection URL here. It's much simpler and compatible with the mutli-cookie domain easily.
--- a/docs/content/en/integration/proxies/traefik.md
+++ b/docs/content/en/integration/proxies/traefik.md
@ -517,7 +517,7 @@ http:
 ```
 {{< /details >}}
-## FAQ
+## Frequently Asked Questions
 ### Basic Authentication
--- a/docs/content/en/overview/authentication/push-notification/index.md
+++ b/docs/content/en/overview/authentication/push-notification/index.md
@ -39,7 +39,7 @@ Now that Authelia is configured, pass the first factor and select the Push notif
 You should now receive a notification on your mobile phone with all the details about the authentication request. In
 case you have multiple devices available, you will be asked to select your preferred device.
-## FAQ
+## Frequently Asked Questions
 ### Why don't I have access to the *Push Notification* option?
--- a/docs/content/en/overview/authentication/security-key/index.md
+++ b/docs/content/en/overview/authentication/security-key/index.md
@ -43,7 +43,7 @@ requested:
 Easy, right?!
-## FAQ
+## Frequently Asked Questions
 ### Can I register multiple FIDO2 WebAuthn devices?
--- a/docs/content/en/overview/security/threat-model.md
+++ b/docs/content/en/overview/security/threat-model.md
@ -86,5 +86,5 @@ It's important to note that Authelia is considered running in a trusted environm
   transmitted unsigned to the backends, meaning a malicious user within the network could pretend to be
   Authelia and send those headers to bypass authentication and gain access to the service. This could be mitigated by
   transmitting those headers with a digital signature which could be verified by the backend however, many backends
-   just won't support it. It has therefore been decided to invest in OpenID Connect instead to solve that authentication
+   just won't support it. It has therefore been decided to invest in OpenID Connect 1.0 instead to solve that
-   delegation problem.
+   authentication delegation problem.
--- a/docs/content/en/reference/guides/frequently-asked-questions.md
+++ b/docs/content/en/reference/guides/frequently-asked-questions.md
@ -12,6 +12,24 @@ weight: 220
 toc: true
 ---
 ## Miscellaneous
 - [Docker](../../integration/deployment/docker.md#frequently-asked-questions)
 - [Development](../../contributing/development/environment.md#frequently-asked-questions)
 ## Authentication
 - [WebAuthn](../../overview/authentication/security-key/index.md#frequently-asked-questions)
 - [Duo](../../overview/authentication/push-notification/index.md#frequently-asked-questions)
 ## Proxies
 - [Traefik](../../integration/proxies/traefik.md#frequently-asked-questions)
 ## Kubernetes
 - [General](../../integration/kubernetes/introduction.md#frequently-asked-questions)
 ## Identity Providers
 - [OpenID Connect 1.0 Integration](../../integration/openid-connect/frequently-asked-questions.md)
--- a/docs/content/en/roadmap/active/dashboard-control-panel.md
+++ b/docs/content/en/roadmap/active/dashboard-control-panel.md
@ -14,8 +14,8 @@ aliases:
  - /r/dashboard
 ---
-This feature has several major impacts on other roadmap items. For example several OpenID Connect features would greatly
+This feature has several major impacts on other roadmap items. For example several OpenID Connect 1.0 features would
-benefit from a dashboard. It would also be important when we implement WebAuthn features like passwordless
+greatly benefit from a dashboard. It would also be important when we implement WebAuthn features like passwordless
 authentication allowing users to intentionally register a passwordless credential.
 ## Stages
--- a/docs/content/en/roadmap/active/openid-connect.md
+++ b/docs/content/en/roadmap/active/openid-connect.md
@ -1,7 +1,7 @@
 ---
-title: "OpenID Connect"
+title: "OpenID Connect 1.0"
-description: "Authelia OpenID Connect Implementation"
+description: "Authelia OpenID Connect 1.0 Provider Implementation"
-lead: "The OpenID Connect Provider role is a very useful but complex feature to enhance interoperability of Authelia with other products. "
+lead: "The OpenID Connect 1.0 Provider role is a very useful but complex feature to enhance interoperability of Authelia with other products. "
 date: 2022-06-15T17:51:47+10:00
 draft: false
 images: []
@ -15,14 +15,15 @@ aliases:
  - /docs/roadmap/oidc.html
 ---
-We have decided to implement [OpenID Connect] as a beta feature, it's suggested you only utilize it for testing and
+We have decided to implement [OpenID Connect 1.0] as a beta feature, it's suggested you only utilize it for testing and
-providing feedback, and should take caution in relying on it in production as of now. [OpenID Connect] and it's related
+providing feedback, and should take caution in relying on it in production as of now. [OpenID Connect 1.0] and it's
-endpoints are not enabled by default unless you specifically configure the [OpenID Connect] section.
+related endpoints are not enabled by default unless you specifically configure the [OpenID Connect 1.0] section.
-As [OpenID Connect] is fairly complex (the [OpenID Connect] Provider role especially so) it's intentional that it is
+As [OpenID Connect 1.0] is fairly complex (the [OpenID Connect 1.0] Provider role especially so) it's intentional that
-both a beta and that the implemented features are part of a thoughtful roadmap. Items that are not immediately obvious
+it is both a beta and that the implemented features are part of a thoughtful roadmap. Items that are not immediately
-as required (i.e. bug fixes or spec features), will likely be discussed in team meetings or on GitHub issues before
+obvious as required (i.e. bug fixes or spec features), will likely be discussed in team meetings or on GitHub issues
-being added to the list. We want to implement this feature in a very thoughtful way in order to avoid security issues.
+before being added to the list. We want to implement this feature in a very thoughtful way in order to avoid security
 issues.
 ## Stages
@ -38,7 +39,7 @@ Feature List:
 * [User Consent](https://openid.net/specs/openid-connect-core-1_0.html#Consent)
 * [Authorization Code Flow](https://openid.net/specs/openid-connect-core-1_0.html#CodeFlowSteps)
-* [OpenID Connect Discovery](https://openid.net/specs/openid-connect-discovery-1_0.html)
+* [OpenID Connect Discovery 1.0](https://openid.net/specs/openid-connect-discovery-1_0.html)
 * [RS256 Signature Strategy](https://datatracker.ietf.org/doc/html/rfc7518#section-3.1)
 * Per Client Scope/Grant Type/Response Type Restriction
 * Per Client Authorization Policy (1FA/2FA)
@ -64,7 +65,7 @@ Feature List:
 Feature List:
-* [Proof Key Code Exchange (PKCE)] for Authorization Code Flow
+* [RFC7636: Proof Key for Code Exchange (PKCE)] for Authorization Code Flow
 * Claims:
  * `preferred_username` - sending the username in this claim instead of the `sub` claim.
@ -79,12 +80,12 @@ Feature List:
  * Auditable Information
  * Subject to User Mapping
 * Opaque [RFC4122] UUID v4's for subject identifiers
-* Support for Pairwise and Plain subject identifier types as per [OpenID Connect Core (Subject Identifier Types)]
+* Support for Pairwise and Plain subject identifier types as per [OpenID Connect Core 1.0 (Subject Identifier Types)]
-  * Utilize the pairwise example method 3 as per [OpenID Connect Core (Pairwise Identifier Algorithm)]
+  * Utilize the pairwise example method 3 as per [OpenID Connect Core 1.0 (Pairwise Identifier Algorithm)]
 * Claims:
  * `sub` - replace username with opaque random [RFC4122] UUID v4
  * `amr` - authentication method references as per [RFC8176]
-  * `azp` - authorized party as per [OpenID Connect Core (ID Token)]
+  * `azp` - authorized party as per [OpenID Connect Core 1.0 (ID Token)]
  * `client_id` - the Client ID as per [RFC8693 Section 4.3]
 * [Cross Origin Resource Sharing] (CORS):
  * Automatically allow all cross-origin requests to the discovery endpoints
@ -106,7 +107,7 @@ Feature List:
  * Implicit:
    * Not expressly standards compliant
    * Never asks for end-user consent
-    * Not compatible with the consent prompt type
+    * Not compatible with the `consent` prompt type
  * Pre-Configured:
    * Allows users to save consent sessions for a duration configured by the administrator
    * Operates nearly identically to the explicit consent mode
@ -115,15 +116,15 @@ Feature List:
 {{< roadmap-status stage="in-progress" version="v4.38.0" >}}
-* [RFC9126: OAuth 2.0 Pushed Authorization Requests](https://datatracker.ietf.org/doc/html/rfc9126)
+* [RFC9126: OAuth 2.0 Pushed Authorization Requests]
-* [RFC7523: JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants](https://datatracker.ietf.org/doc/html/rfc7523):
+* [RFC7523: JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants]:
  * Client Auth Method `client_secret_jwt`
  * Client Auth Method `private_key_jwt`
-* Per-Client [Proof Key Code Exchange (PKCE)] Policy
+* Per-Client [RFC7636: Proof Key for Code Exchange (PKCE)] Policy
 * Multiple Issuer JWKs:
-  * RS256, RS384, RS512
+  * `RS256`, `RS384`, `RS512`
-  * PS256, PS384, PS512
+  * `PS256`, `PS384`, `PS512`
-  * ES256, ES384, ES512
+  * `ES256`, `ES384`, `ES512`
 ### Beta 7
@ -134,7 +135,7 @@ Feature List:
 * Prompt Handling
 * Display Handling
-See [OpenID Connect Core (Mandatory to Implement Features for All OpenID Providers)].
+See [OpenID Connect Core 1.0 (Mandatory to Implement Features for All OpenID Providers)].
 ### Beta 8
@ -144,6 +145,15 @@ Feature List:
 * Revoke Tokens on User Logout or Expiration
 * [JSON Web Key Rotation](https://openid.net/specs/openid-connect-messages-1_0-20.html#rotate.sig.keys)
 * In-Storage Configuration:
  * Multi-Issuer Configuration (require one per Issuer URL)
  * Dynamically Configured via CLI
  * Import from YAML:
    * Manual method
    * Bootstrap method:
      * Defaults to one time only
      * Can optionally override the database configuration
  * Salt (random) and/or Peppered (storage encryption) Client Credentials
 ### General Availability
@ -151,7 +161,7 @@ Feature List:
 Feature List:
-* Enable by Default
+* ~~Enable by Default~~
 * Only after all previous stages are checked for bugs
 ### Miscellaneous
@ -162,13 +172,13 @@ This stage lists features which individually do not fit into a specific stage an
 {{< roadmap-status >}}
-See the [OpenID Connect] website for the [OpenID Connect Dynamic Client Registration] specification.
+See the [OpenID Connect 1.0] website for the [OpenID Connect Dynamic Client Registration 1.0] specification.
 #### OpenID Connect Back-Channel Logout
 {{< roadmap-status >}}
-See the [OpenID Connect] website for the [OpenID Connect Back-Channel Logout] specification.
+See the [OpenID Connect 1.0] website for the [OpenID Connect Back-Channel Logout 1.0] specification.
 Should be implemented alongside [Dynamic Client Registration](#openid-connect-dynamic-client-registration).
@ -176,7 +186,7 @@ Should be implemented alongside [Dynamic Client Registration](#openid-connect-dy
 {{< roadmap-status >}}
-See the [OpenID Connect] website for the [OpenID Connect Front-Channel Logout] specification.
+See the [OpenID Connect 1.0] website for the [OpenID Connect Front-Channel Logout 1.0] specification.
 Should be implemented alongside [Dynamic Client Registration](#openid-connect-dynamic-client-registration).
@ -190,7 +200,7 @@ See the [IETF Specification RFC8414](https://datatracker.ietf.org/doc/html/rfc84
 {{< roadmap-status >}}
-See the [OpenID Connect] website for the [OpenID Connect Session Management] specification.
+See the [OpenID Connect 1.0] website for the [OpenID Connect Session Management 1.0] specification.
 #### End-User Scope Grants
@ -216,14 +226,17 @@ The `preferred_username` claim was missing and was fixed.
 [RFC8693 Section 4.3]: https://datatracker.ietf.org/doc/html/rfc8693/#section-4.3
 [RFC4122]: https://datatracker.ietf.org/doc/html/rfc4122
-[OpenID Connect]: https://openid.net/connect/
+[OpenID Connect 1.0]: https://openid.net/connect/
-[OpenID Connect Front-Channel Logout]: https://openid.net/specs/openid-connect-frontchannel-1_0.html
+[OpenID Connect Front-Channel Logout 1.0]: https://openid.net/specs/openid-connect-frontchannel-1_0.html
-[OpenID Connect Back-Channel Logout]: https://openid.net/specs/openid-connect-backchannel-1_0.html
+[OpenID Connect Back-Channel Logout 1.0]: https://openid.net/specs/openid-connect-backchannel-1_0.html
-[OpenID Connect Session Management]: https://openid.net/specs/openid-connect-session-1_0.html
+[OpenID Connect Session Management 1.0]: https://openid.net/specs/openid-connect-session-1_0.html
-[OpenID Connect Dynamic Client Registration]: https://openid.net/specs/openid-connect-registration-1_0.html
+[OpenID Connect Dynamic Client Registration 1.0]: https://openid.net/specs/openid-connect-registration-1_0.html
-[OpenID Connect Core (ID Token)]: https://openid.net/specs/openid-connect-core-1_0.html#IDToken
+[OpenID Connect Core 1.0 (ID Token)]: https://openid.net/specs/openid-connect-core-1_0.html#IDToken
-[OpenID Connect Core (Subject Identifier Types)]: https://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
+[OpenID Connect Core 1.0 (Subject Identifier Types)]: https://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes
-[OpenID Connect Core (Pairwise Identifier Algorithm)]: https://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg
+[OpenID Connect Core 1.0 (Pairwise Identifier Algorithm)]: https://openid.net/specs/openid-connect-core-1_0.html#PairwiseAlg
-[OpenID Connect Core (Mandatory to Implement Features for All OpenID Providers)]: https://openid.net/specs/openid-connect-core-1_0.html#ServerMTI
+[OpenID Connect Core 1.0 (Mandatory to Implement Features for All OpenID Providers)]: https://openid.net/specs/openid-connect-core-1_0.html#ServerMTI
-[Proof Key Code Exchange (PKCE)]: https://datatracker.ietf.org/doc/html/rfc7636
+
 [RFC7636: Proof Key for Code Exchange (PKCE)]: https://datatracker.ietf.org/doc/html/rfc7636
 [RFC7523: JSON Web Token (JWT) Profile for OAuth 2.0 Client Authentication and Authorization Grants]: https://datatracker.ietf.org/doc/html/rfc7523
 [RFC9126: OAuth 2.0 Pushed Authorization Requests]: https://datatracker.ietf.org/doc/html/rfc9126
--- a/docs/content/en/roadmap/prologue/introduction.md
+++ b/docs/content/en/roadmap/prologue/introduction.md
@ -25,7 +25,7 @@ be glad to share ideas and plans with you.
 This is a summary of the features which are currently on the roadmap with links to further details:
 1. [WebAuthn](../active/webauthn.md)
-2. [OpenID Connect Provider](../active/openid-connect.md)
+2. [OpenID Connect 1.0 Provider](../active/openid-connect.md)
 3. [Internationalization or Multilingual Support](../active/internationalization.md)
 4. [Multiple Domain Protection](../active/multi-domain-protection.md)
 5. [Control Panel / Dashboard for User / Administration Settings](../active/dashboard-control-panel.md)
--- a/internal/oidc/store.go
+++ b/internal/oidc/store.go
@ -244,8 +244,8 @@ func (s *Store) GetPKCERequestSession(ctx context.Context, signature string, ses
 	return s.loadRequesterBySignature(ctx, storage.OAuth2SessionTypePKCEChallenge, signature, session)
 }
-// CreateOpenIDConnectSession creates an open id connect session for a given authorize code.
+// CreateOpenIDConnectSession creates an OpenID Connect 1.0 connect session for a given authorize code.
-// This is relevant for explicit open id connect flow.
+// This is relevant for explicit OpenID Connect 1.0 flow.
 // This implements a portion of openid.OpenIDConnectRequestStorage.
 func (s *Store) CreateOpenIDConnectSession(ctx context.Context, authorizeCode string, request fosite.Requester) (err error) {
 	return s.saveSession(ctx, storage.OAuth2SessionTypeOpenIDConnect, authorizeCode, request)