22 lines
1.0 KiB
Plaintext
22 lines
1.0 KiB
Plaintext
AZURE_CLIENT_ID=<app-registration-client-id>
|
|
AZURE_TENANT_ID=<azure-ad-tenant-id>
|
|
|
|
# Set to true for local dev to skip JWT verification (never use in production)
|
|
# DEV_AUTH_BYPASS=true
|
|
|
|
# AI lock duration in hours (default: 24, use 168 for 7 days)
|
|
# AI_LOCK_EXPIRY_HOURS=168
|
|
|
|
# Graph API calendar integration (OBO flow)
|
|
# AZURE_CLIENT_SECRET=<client-secret-value>
|
|
# AZURE_OBO_CLIENT_ID=<client-id of the app registration the frontend uses>
|
|
# Only needed if VITE_AZURE_CLIENT_ID != AZURE_CLIENT_ID (separate frontend/backend registrations).
|
|
# The OBO assertion token's audience must match this client_id.
|
|
# Required: App Registration → API permissions → Microsoft Graph → Calendars.Read (delegated) → Grant admin consent
|
|
# Then: Certificates & secrets → New client secret → copy value here
|
|
|
|
# Client needs VITE_ prefix — create client/.env with:
|
|
# VITE_AZURE_CLIENT_ID=<same as above>
|
|
# VITE_AZURE_TENANT_ID=<same as above>
|
|
# VITE_DEV_AUTH_BYPASS=true ← DEV ONLY: skips MS login in browser (never set in production)
|