@lobehub/chat 0.147.0 → 0.147.1

package/docs/self-hosting/advanced/sso-providers/github.mdx

@@ -11,6 +11,7 @@ tags:
   - Single Sign-On
   - OAuth authentication
 ---
+
 # Configuring Github Authentication Service
 
 ## Github Configuration Process
@@ -22,53 +23,81 @@ Click [here][github-create-app] to create a new Github App.
 
 Fill in the Github App name, Homepage URL, and Callback URL.
 
-  <Image alt="Create a Github Provider" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/2f919f99-2aaa-4fa7-9938-169d3ed09db7" />
+<Image
+  alt="Create a Github Provider"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/2f919f99-2aaa-4fa7-9938-169d3ed09db7"
+/>
 
 Set the webhook callback URL according to your needs.
 
-  <Image alt="Fill in other fields" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/d7ef5ad1-b1a3-435e-b1bc-4436d2b6fecd" />
+<Image
+  alt="Fill in other fields"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/d7ef5ad1-b1a3-435e-b1bc-4436d2b6fecd"
+/>
 
 Set the permission to read email addresses.
 
-  <Image alt="Set required permissions" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/23131ca1-9e84-4a89-a840-ef79c4bc0251" />
-  <Image alt="Set permission to read email addresses" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/358bca8d-3d82-4e76-9a5e-90d16a39efde" />
+<Image
+  alt="Set required permissions"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/23131ca1-9e84-4a89-a840-ef79c4bc0251"
+/>
+<Image
+  alt="Set permission to read email addresses"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/358bca8d-3d82-4e76-9a5e-90d16a39efde"
+/>
 
 Set whether it is accessible publicly or only accessible to yourself.
 
-  <Image alt="Set whether it is accessible publicly or only accessible to yourself" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/995780cb-9096-4a36-ab17-d422703ab970" />
+<Image
+  alt="Set whether it is accessible publicly or only accessible to yourself"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/995780cb-9096-4a36-ab17-d422703ab970"
+/>
 
 Click "Create Github App".
 
 After successful creation, click "Generate a new client secret" to create a client secret.
 
-  <Image alt="Create a new client secret" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/6d69bdca-7d18-4cbc-b3e0-220d8815cd29" />
+<Image
+  alt="Create a new client secret"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/6d69bdca-7d18-4cbc-b3e0-220d8815cd29"
+/>
 
 After successful creation, save the `Client ID` and `Client Secret`.
 
-  <Image alt="Create a new client secret" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/c6108133-a918-48b0-ab1a-e3fa607572a4" />
+<Image
+  alt="Create a new client secret"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/c6108133-a918-48b0-ab1a-e3fa607572a4"
+/>
 
 ### Configure Environment Variables
 
 When deploying LobeChat, you need to configure the following environment variables:
 
-| Environment Variable   | Type | Description                                                                                |
-| ---------------------- | ---- | ------------------------------------------------------------------------------------------ |
-| `ENABLE_OAUTH_SSO`     | Required | Enable Single Sign-On (SSO) for LobeChat. Set to `1` to enable SSO.                                                        |
-| `NEXTAUTH_SECRET`      | Required | Key used to encrypt Auth.js session tokens. You can generate the key using the command: `openssl rand -base64 32`                               |
-| `SSO_PROVIDERS`        | Required | Select the Single Sign-On provider for LobeChat. Use `github` for Github.                                                |
-| `GITHUB_CLIENT_ID`     | Required | Client ID in the Github App details page.                                                                       |
-| `GITHUB_CLIENT_SECRET` | Required | Client Secret in the Github App details page.                                                                   |
-| `ACCESS_CODE`          | Required | Add a password for accessing this service. You can set a long random password to "disable" access code authorization.                                                      |
-| `NEXTAUTH_URL`         | Optional | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. Only set it if the default generated redirect address is incorrect. `https://example.com/api/auth` |
+| Environment Variable | Type | Description |
+| --- | --- | --- |
+| `ENABLE_OAUTH_SSO` | Required | Enable Single Sign-On (SSO) for LobeChat. Set to `1` to enable SSO. |
+| `NEXTAUTH_SECRET` | Required | Key used to encrypt Auth.js session tokens. You can generate the key using the command: `openssl rand -base64 32` |
+| `SSO_PROVIDERS` | Required | Select the Single Sign-On provider for LobeChat. Use `github` for Github. |
+| `GITHUB_CLIENT_ID` | Required | Client ID in the Github App details page. |
+| `GITHUB_CLIENT_SECRET` | Required | Client Secret in the Github App details page. |
+| `ACCESS_CODE` | Required | Add a password for accessing this service. You can set a long random password to "disable" access code authorization. |
+| `NEXTAUTH_URL` | Optional | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. Only set it if the default generated redirect address is incorrect. `https://example.com/api/auth` |
 
 <Callout type={'tip'}>
-Go to [📘 Environment Variables](/en/self-hosting/environment-variable#Github) for detailed information on these variables. 
-</Callout> 
-
+  Go to [📘 Environment Variables](/en/self-hosting/environment-variable#Github) for detailed
+  information on these variables.
+</Callout>
 </Steps>
 
 <Callout type={'info'}>
-After successful deployment, users will be able to authenticate with Github and use LobeChat. 
+  After successful deployment, users will be able to authenticate with Github and use LobeChat.
 </Callout>
 
 [github-create-app]: https://github.com/settings/apps/new

package/docs/self-hosting/advanced/sso-providers/github.zh-CN.mdx

@@ -8,6 +8,7 @@ tags:
   - 单点登录
   - LobeChat
 ---
+
 # 配置 Github 身份验证服务
 
 ## Github 配置流程
@@ -15,48 +16,75 @@ tags:
 <Steps>
   ### 创建 Github 提供应用
 
-  点击[这里][github-create-app]创建一个新的Gituhb App。
+点击[这里][github-create-app]创建一个新的Gituhb App。
+
+填写Github App name、Homepage URL、Callbak URL
 
-  填写Github App name、Homepage URL、Callbak URL 
+<Image
+  alt="创建 Github 提供程序"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/2f919f99-2aaa-4fa7-9938-169d3ed09db7"
+/>
+按照自己所需设置Webhook回调地址
 
-  <Image alt="创建 Github 提供程序" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/2f919f99-2aaa-4fa7-9938-169d3ed09db7" />
-  
-  按照自己所需设置Webhook回调地址
+<Image
+  alt="填写其他字段"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/d7ef5ad1-b1a3-435e-b1bc-4436d2b6fecd"
+/>
 
-  <Image alt="填写其他字段" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/d7ef5ad1-b1a3-435e-b1bc-4436d2b6fecd" />
+设置读取邮件地址权限
 
-  设置读取邮件地址权限
+<Image
+  alt="设置所需权限"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/23131ca1-9e84-4a89-a840-ef79c4bc0251"
+/>
+<Image
+  alt="设置读取邮件地址权限"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/358bca8d-3d82-4e76-9a5e-90d16a39efde"
+/>
 
-  <Image alt="设置所需权限" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/23131ca1-9e84-4a89-a840-ef79c4bc0251" />
-  <Image alt="设置读取邮件地址权限" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/358bca8d-3d82-4e76-9a5e-90d16a39efde" />
+设置公开访问还是仅自己访问
 
-  设置公开访问还是仅自己访问
+<Image
+  alt="设置公开访问还是仅自己访问"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/995780cb-9096-4a36-ab17-d422703ab970"
+/>
 
-  <Image alt="设置公开访问还是仅自己访问" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/995780cb-9096-4a36-ab17-d422703ab970" />
+点击「Create Github App」
 
-  点击「Create Github App」
+创建成功后，点击「Generate a new client secret」创建客户端Secret
 
-  创建成功后，点击「Generate a new client secret」创建客户端Secret
+<Image
+  alt="创建新的客户端密钥"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/6d69bdca-7d18-4cbc-b3e0-220d8815cd29"
+/>
 
-  <Image alt="创建新的客户端密钥" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/6d69bdca-7d18-4cbc-b3e0-220d8815cd29" />
+创建成功后， 将 `客户端 ID` 和 `客户端 Secret` 保存下来。
 
-  创建成功后， 将 `客户端 ID` 和 `客户端 Secret` 保存下来。
-  
-  <Image alt="创建新的客户端密钥" inStep src="https://github.com/lobehub/lobe-chat/assets/64475363/c6108133-a918-48b0-ab1a-e3fa607572a4" />
+<Image
+  alt="创建新的客户端密钥"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/64475363/c6108133-a918-48b0-ab1a-e3fa607572a4"
+/>
 
-  ### 配置环境变量
+### 配置环境变量
 
-  在部署 LobeChat 时，你需要配置以下环境变量：
+在部署 LobeChat 时，你需要配置以下环境变量：
 
-  | 环境变量                     | 类型 | 描述                                                                                          |
-  | ------------------------ | -- | ------------------------------------------------------------------------------------------- |
-  | `ENABLE_OAUTH_SSO`       | 必选 | 为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。                                                    |
-  | `NEXTAUTH_SECRET`        | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32`                               |
-  | `SSO_PROVIDERS`          | 必选 | 选择 LoboChat 的单点登录提供商。使用 Github 请填写 `github`。                                  |
-  | `GITHUB_CLIENT_ID`     | 必选 | Github App详情页的 客户端 ID                                                          |
-  | `GITHUB_CLIENT_SECRET` | 必选 | Github App详情页的 客户端 Secret                                                      |
-  | `ACCESS_CODE`            | 必选 | 添加访问此服务的密码，你可以设置一个足够长的随机密码以 “禁用” 访问码授权                                                      |
-  | `NEXTAUTH_URL`           | 可选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |
+| 环境变量 | 类型 | 描述 |
+| --- | --- | --- |
+| `ENABLE_OAUTH_SSO` | 必选 | 为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。 |
+| `NEXTAUTH_SECRET` | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32` |
+| `SSO_PROVIDERS` | 必选 | 选择 LoboChat 的单点登录提供商。使用 Github 请填写 `github`。 |
+| `GITHUB_CLIENT_ID` | 必选 | Github App详情页的 客户端 ID |
+| `GITHUB_CLIENT_SECRET` | 必选 | Github App详情页的 客户端 Secret |
+| `ACCESS_CODE` | 必选 | 添加访问此服务的密码，你可以设置一个足够长的随机密码以 “禁用” 访问码授权 |
+| `NEXTAUTH_URL` | 可选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |
 
   <Callout type={'tip'}>
     前往 [📘 环境变量](/zh/self-hosting/environment-variable#Github) 可查阅相关变量详情。
@@ -64,8 +92,6 @@ tags:
 </Callout>
 </Steps>
 
-<Callout type={'info'}>
-  部署成功后，用户将可以通过Github身份认证并使用 LobeChat。
-</Callout>
+<Callout type={'info'}>部署成功后，用户将可以通过Github身份认证并使用 LobeChat。</Callout>
 
 [github-create-app]: https://github.com/settings/apps/new

package/docs/self-hosting/advanced/sso-providers/microsoft-entra-id.mdx

@@ -12,68 +12,86 @@ tags:
   - Environment Variables
   - LobeChat
 ---
+
 # Configuration of Microsoft Entra ID Authentication Service
 
 <Steps>
   ### Create a Microsoft Entra ID Application
 
-  In your [Microsoft Azure Portal][microsoft-azure-portal], go to Microsoft Entra ID -> App registrations -> New registration to create a new application.
+In your [Microsoft Azure Portal][microsoft-azure-portal], go to Microsoft Entra ID -> App registrations -> New registration to create a new application.
 
-  Fill in the desired application name to be displayed to organizational users, choose the account types you wish to support, and if only internal users are supported, select `Accounts in this organizational directory only (Default Directory only - Single tenant)`.
+Fill in the desired application name to be displayed to organizational users, choose the account types you wish to support, and if only internal users are supported, select `Accounts in this organizational directory only (Default Directory only - Single tenant)`.
 
-  In the `Redirect URI (optional)` section, for the application type, select `Web`, and in the Callback URL, enter:
+In the `Redirect URI (optional)` section, for the application type, select `Web`, and in the Callback URL, enter:
 
-  ```bash
-  https://your-domain/api/auth/callback/azure-ad
-  ```
+```bash
+https://your-domain/api/auth/callback/azure-ad
+```
 
-  <Callout type={'info'}>
-    - You can fill in or modify the Redirect URIs after registering, but make sure the URL you enter matches the deployed URL.
-    - Please replace "your-domain" with your own domain.
- 
+<Callout type={'info'}>
+  - You can fill in or modify the Redirect URIs after registering, but make sure the URL you enter
+  matches the deployed URL. - Please replace "your-domain" with your own domain.
 </Callout>
 
-  <Image alt="App Register" inStep src="https://github.com/lobehub/lobe-chat/assets/13883964/4f9d83bd-b3fc-4abc-bcf4-ccbad65c219d" />
+<Image
+  alt="App Register"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/13883964/4f9d83bd-b3fc-4abc-bcf4-ccbad65c219d"
+/>
 
-  Click on "Register".
+Click on "Register".
 
-  After successfully creating the application, click on the corresponding application to enter the application details page, and switch to the "Overview" tab to view the corresponding configuration information.
+After successfully creating the application, click on the corresponding application to enter the application details page, and switch to the "Overview" tab to view the corresponding configuration information.
 
-  <Image alt="App Overview" inStep src="https://github.com/lobehub/lobe-chat/assets/13883964/48a0b702-05bd-4ce4-a007-a8ad00a36e5a" />
+<Image
+  alt="App Overview"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/13883964/48a0b702-05bd-4ce4-a007-a8ad00a36e5a"
+/>
 
-  Go to "Certificates & secrets", select the "Client secrets" tab, click on "New client secret", fill in the description, select the expiration time, and click on "Add" to create a new client secret.
+Go to "Certificates & secrets", select the "Client secrets" tab, click on "New client secret", fill in the description, select the expiration time, and click on "Add" to create a new client secret.
 
-  <Image alt="Create App Client Secret" inStep src="https://github.com/lobehub/lobe-chat/assets/13883964/c9d66fa0-158c-4bd3-a1fa-969e638259d2" />
+<Image
+  alt="Create App Client Secret"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/13883964/c9d66fa0-158c-4bd3-a1fa-969e638259d2"
+/>
 
-  <Callout type={'important'}>Please make sure to save your client secret as this is your only chance to view it.</Callout>
+<Callout type={'important'}>
+  Please make sure to save your client secret as this is your only chance to view it.
+</Callout>
 
-  ### Add Users
+### Add Users
 
-  Go back to the "Microsoft Entra ID" interface, enter "Users", click on "New user", fill in the user information, and click on "Create" to create a user for using LobeChat.
+Go back to the "Microsoft Entra ID" interface, enter "Users", click on "New user", fill in the user information, and click on "Create" to create a user for using LobeChat.
 
-  ### Configure Environment Variables
+### Configure Environment Variables
 
-  When deploying LobeChat, you need to configure the following environment variables:
+When deploying LobeChat, you need to configure the following environment variables:
 
-  | Environment Variable     | Type     | Description                                                                                                                                                                                                                |
-  | ------------------------ | -------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-  | `ENABLE_OAUTH_SSO`       | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on.                                                                                                                                             |
-  | `NEXTAUTH_SECRET`        | Required | Key used to encrypt Auth.js session tokens. You can generate the key using the following command: `openssl rand -base64 32`                                                                                                |
-  | `SSO_PROVIDERS`          | Required | Select the single sign-on provider for LoboChat. Use `azure-ad` for Microsoft Entra ID.                                                                                                                                    |
-  | `AZURE_AD_CLIENT_ID`     | Required | Client ID of the Microsoft Entra ID application.                                                                                                                                                                           |
-  | `AZURE_AD_CLIENT_SECRET` | Required | Client Secret of the Microsoft Entra ID application.                                                                                                                                                                       |
-  | `AZURE_AD_TENANT_ID`     | Required | Tenant ID of the Microsoft Entra ID application.                                                                                                                                                                           |
-  | `ACCESS_CODE`            | Required | Add a password for accessing this service, you can set a sufficiently long random password to "disable" access code authorization.                                                                                         |
-  | `NEXTAUTH_URL`           | Optional | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. It is only necessary to set it when the default generated redirect address is incorrect. `https://example.com/api/auth` |
+| Environment Variable | Type | Description |
+| --- | --- | --- |
+| `ENABLE_OAUTH_SSO` | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on. |
+| `NEXTAUTH_SECRET` | Required | Key used to encrypt Auth.js session tokens. You can generate the key using the following command: `openssl rand -base64 32` |
+| `SSO_PROVIDERS` | Required | Select the single sign-on provider for LoboChat. Use `azure-ad` for Microsoft Entra ID. |
+| `AZURE_AD_CLIENT_ID` | Required | Client ID of the Microsoft Entra ID application. |
+| `AZURE_AD_CLIENT_SECRET` | Required | Client Secret of the Microsoft Entra ID application. |
+| `AZURE_AD_TENANT_ID` | Required | Tenant ID of the Microsoft Entra ID application. |
+| `ACCESS_CODE` | Required | Add a password for accessing this service, you can set a sufficiently long random password to "disable" access code authorization. |
+| `NEXTAUTH_URL` | Optional | This URL is used to specify the callback address for Auth.js when performing OAuth authentication. It is only necessary to set it when the default generated redirect address is incorrect. `https://example.com/api/auth` |
 
-  <Callout type={'tip'}>
-    You can refer to [📘 environment variables](/en/self-hosting/environment-variable#microsoft-entra-id) for details on related variables.
- 
+<Callout type={'tip'}>
+  You can refer to [📘 environment
+  variables](/en/self-hosting/environment-variable#microsoft-entra-id) for details on related
+  variables.
 </Callout>
 
 </Steps>
 
-<Callout>After successful deployment, users will be able to authenticate and use LobeChat using the users configured in Microsoft Entra ID.</Callout>
+<Callout>
+  After successful deployment, users will be able to authenticate and use LobeChat using the users
+  configured in Microsoft Entra ID.
+</Callout>
 
 ## Advanced Configuration
 

package/docs/self-hosting/advanced/sso-providers/microsoft-entra-id.zh-CN.mdx

@@ -9,6 +9,7 @@ tags:
   - 环境变量
   - 用户管理
 ---
+
 # 配置 Microsoft Entra ID 身份验证服务
 
 ## Microsoft Entra ID 配置流程
@@ -16,54 +17,65 @@ tags:
 <Steps>
   ### 创建 Microsoft Entra ID 应用
 
-  在你的 [Microsoft Azure Portal][microsoft-azure-portal] 进入 Microsoft Entra ID -> App registrations -> New registration 创建一个新的应用。
+在你的 [Microsoft Azure Portal][microsoft-azure-portal] 进入 Microsoft Entra ID -> App registrations -> New registration 创建一个新的应用。
 
-  填写你想向组织用户显示的应用名称，选择你期望支持的账户类型，如果只支持内部用户请选择 `Accounts in this organizational directory only (Default Directory only - Single tenant)`。
+填写你想向组织用户显示的应用名称，选择你期望支持的账户类型，如果只支持内部用户请选择 `Accounts in this organizational directory only (Default Directory only - Single tenant)`。
 
-  在 `Redirect URI (optional)` 中，应用类型选择 `Web`，Callback URL, 处填写：
+在 `Redirect URI (optional)` 中，应用类型选择 `Web`，Callback URL, 处填写：
 
-  ```bash
-  https://your-domain/api/auth/callback/azure-ad
-  ```
+```bash
+https://your-domain/api/auth/callback/azure-ad
+```
 
-  <Callout type={'info'}>
-    - 可以在 Register 后再填写或修改 Redirect URIs，但是务必保证填写的 URL 与部署的 URL 一致。
-    - your-domain 请填写自己的域名
- 
+<Callout type={'info'}>
+  - 可以在 Register 后再填写或修改 Redirect URIs，但是务必保证填写的 URL 与部署的 URL 一致。 -
+  your-domain 请填写自己的域名
 </Callout>
 
-  <Image alt="App Register" inStep src="https://github.com/lobehub/lobe-chat/assets/13883964/4f9d83bd-b3fc-4abc-bcf4-ccbad65c219d" />
+<Image
+  alt="App Register"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/13883964/4f9d83bd-b3fc-4abc-bcf4-ccbad65c219d"
+/>
 
-  点击「Register」
+点击「Register」
 
-  创建成功后，点击相应的应用，进入应用详情页，切换到「Overview」标签页，就可以看到相应的配置信息。
+创建成功后，点击相应的应用，进入应用详情页，切换到「Overview」标签页，就可以看到相应的配置信息。
 
-  <Image alt="App Overview" inStep src="https://github.com/lobehub/lobe-chat/assets/13883964/48a0b702-05bd-4ce4-a007-a8ad00a36e5a" />
+<Image
+  alt="App Overview"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/13883964/48a0b702-05bd-4ce4-a007-a8ad00a36e5a"
+/>
 
-  进入「Certificates & secrets」，选择「Client secrets」标签，点击「New client secret」，填写描述，选择过期时间，点击「Add」，创建一个新的客户端密钥。
+进入「Certificates & secrets」，选择「Client secrets」标签，点击「New client secret」，填写描述，选择过期时间，点击「Add」，创建一个新的客户端密钥。
 
-  <Image alt="Create App Client Secret" inStep src="https://github.com/lobehub/lobe-chat/assets/13883964/c9d66fa0-158c-4bd3-a1fa-969e638259d2" />
+<Image
+  alt="Create App Client Secret"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/13883964/c9d66fa0-158c-4bd3-a1fa-969e638259d2"
+/>
 
-  <Callout type={'important'}>请务必保存好你的客户端密钥，因为这是你唯一的机会查看它。</Callout>
+<Callout type={'important'}>请务必保存好你的客户端密钥，因为这是你唯一的机会查看它。</Callout>
 
-  ### 新增用户
+### 新增用户
 
-  回到「Microsoft Entra ID」界面，进入「Users」，点击「New user」，填写用户信息，点击「Create」，创建用户以使用 LobeChat。
+回到「Microsoft Entra ID」界面，进入「Users」，点击「New user」，填写用户信息，点击「Create」，创建用户以使用 LobeChat。
 
-  ### 配置环境变量
+### 配置环境变量
 
-  在部署 LobeChat 时，你需要配置以下环境变量：
+在部署 LobeChat 时，你需要配置以下环境变量：
 
-  | 环境变量                     | 类型 | 描述                                                                                          |
-  | ------------------------ | -- | ------------------------------------------------------------------------------------------- |
-  | `ENABLE_OAUTH_SSO`       | 必选 | 为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。                                                    |
-  | `NEXTAUTH_SECRET`        | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32`                               |
-  | `SSO_PROVIDERS`          | 必选 | 选择 LoboChat 的单点登录提供商。使用 Microsoft Entra ID 请填写 `azure-ad`。                                  |
-  | `AZURE_AD_CLIENT_ID`     | 必选 | Microsoft Entra ID 应用程序的 Client ID                                                          |
-  | `AZURE_AD_CLIENT_SECRET` | 必选 | Microsoft Entra ID 应用程序的 Client Secret                                                      |
-  | `AZURE_AD_TENANT_ID`     | 必选 | Microsoft Entra ID 应用程序的 Tenant ID                                                          |
-  | `ACCESS_CODE`            | 必选 | 添加访问此服务的密码，你可以设置一个足够长的随机密码以 “禁用” 访问码授权                                                      |
-  | `NEXTAUTH_URL`           | 可选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |
+| 环境变量 | 类型 | 描述 |
+| --- | --- | --- |
+| `ENABLE_OAUTH_SSO` | 必选 | 为 LobeChat 启用单点登录 (SSO)。设置为 `1` 以启用单点登录。 |
+| `NEXTAUTH_SECRET` | 必选 | 用于加密 Auth.js 会话令牌的密钥。您可以使用以下命令生成秘钥： `openssl rand -base64 32` |
+| `SSO_PROVIDERS` | 必选 | 选择 LoboChat 的单点登录提供商。使用 Microsoft Entra ID 请填写 `azure-ad`。 |
+| `AZURE_AD_CLIENT_ID` | 必选 | Microsoft Entra ID 应用程序的 Client ID |
+| `AZURE_AD_CLIENT_SECRET` | 必选 | Microsoft Entra ID 应用程序的 Client Secret |
+| `AZURE_AD_TENANT_ID` | 必选 | Microsoft Entra ID 应用程序的 Tenant ID |
+| `ACCESS_CODE` | 必选 | 添加访问此服务的密码，你可以设置一个足够长的随机密码以 “禁用” 访问码授权 |
+| `NEXTAUTH_URL` | 可选 | 该 URL 用于指定 Auth.js 在执行 OAuth 验证时的回调地址，当默认生成的重定向地址发生不正确时才需要设置。`https://example.com/api/auth` |
 
   <Callout type={'tip'}>
     前往 [📘 环境变量](/zh/self-hosting/environment-variable#microsoft-entra-id) 可查阅相关变量详情。

package/docs/self-hosting/advanced/sso-providers/zitadel.mdx

@@ -11,63 +11,92 @@ tags:
   - Environment Variables
   - ZITADEL Applications
 ---
+
 # Configure ZITADEL Authentication Service
 
 <Steps>
   ### Create ZITADEL Application
 
-  Log in to the console of your ZITADEL instance using an account with at least a [`Project Owner` role](https://zitadel.com/docs/guides/manage/console/managers#roles), navigate to (or [create](https://zitadel.com/docs/guides/manage/console/projects#create-a-project)) the project you'd like to host your application in, and click the **New** button to create an application.
+Log in to the console of your ZITADEL instance using an account with at least a [`Project Owner` role](https://zitadel.com/docs/guides/manage/console/managers#roles), navigate to (or [create](https://zitadel.com/docs/guides/manage/console/projects#create-a-project)) the project you'd like to host your application in, and click the **New** button to create an application.
 
-  <Image alt="Create ZITADEL Application S1" inStep src="https://github.com/lobehub/lobe-chat/assets/8692892/b05473ad-04a6-4ebc-9810-116c778d4448" />
+<Image
+  alt="Create ZITADEL Application S1"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/8692892/b05473ad-04a6-4ebc-9810-116c778d4448"
+/>
 
-  Fill in the name, choose **Web** as the application type, and click **Continue**.
+Fill in the name, choose **Web** as the application type, and click **Continue**.
 
-  <Image alt="Create ZITADEL Application S2" inStep src="https://github.com/lobehub/lobe-chat/assets/8692892/5a0e6c58-9e6f-4ffb-8af2-32e48cfb45b0" />
+<Image
+  alt="Create ZITADEL Application S2"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/8692892/5a0e6c58-9e6f-4ffb-8af2-32e48cfb45b0"
+/>
 
-  Choose **Code** as the authentication method.
+Choose **Code** as the authentication method.
 
-  <Image alt="Create ZITADEL Application S3" inStep src="https://github.com/lobehub/lobe-chat/assets/8692892/14ecaa12-74a1-4e2f-b171-9d9ac09d3d63" />
+<Image
+  alt="Create ZITADEL Application S3"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/8692892/14ecaa12-74a1-4e2f-b171-9d9ac09d3d63"
+/>
 
-  In the **Redirect URIs** field, fill in:
+In the **Redirect URIs** field, fill in:
 
-  ```
-  http(s)://your-domain/api/auth/callback/zitadel
-  ```
+```
+http(s)://your-domain/api/auth/callback/zitadel
+```
 
-  <Image alt="Create ZITADEL Application S4" inStep src="https://github.com/lobehub/lobe-chat/assets/8692892/4ff3c3a0-9ca0-45ff-8f3a-219f4445098b" />
+<Image
+  alt="Create ZITADEL Application S4"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/8692892/4ff3c3a0-9ca0-45ff-8f3a-219f4445098b"
+/>
 
-  <Callout type={'important'}>
-    - You can fill in or modify redirect URIs after creating the application, but make sure the filled URL is consistent with the deployed URL.
-    - Replace `http(s)://your-domain` with the actual URL that LobeChat is deployed to.
- 
+<Callout type={'important'}>
+  - You can fill in or modify redirect URIs after creating the application, but make sure the filled
+  URL is consistent with the deployed URL. - Replace `http(s)://your-domain` with the actual URL
+  that LobeChat is deployed to.
 </Callout>
 
-  Confirm the configuration and click **Create**.
+Confirm the configuration and click **Create**.
 
-  <Image alt="Create ZITADEL Application S5" inStep src="https://github.com/lobehub/lobe-chat/assets/8692892/bee24764-aa42-47d9-ad43-bcb8e7b35bc3" />
+<Image
+  alt="Create ZITADEL Application S5"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/8692892/bee24764-aa42-47d9-ad43-bcb8e7b35bc3"
+/>
 
-  Save the **ClientId** and **ClientSecret** for later use.
+Save the **ClientId** and **ClientSecret** for later use.
 
-  <Image alt="Create ZITADEL Application S6" inStep src="https://github.com/lobehub/lobe-chat/assets/8692892/407b4eed-7f21-4aa6-b68f-9bae2faf09d0" />
+<Image
+  alt="Create ZITADEL Application S6"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/8692892/407b4eed-7f21-4aa6-b68f-9bae2faf09d0"
+/>
 
-  In the application settings page, navigate to the **URLs** tab, and save the **issuer** URL.
+In the application settings page, navigate to the **URLs** tab, and save the **issuer** URL.
 
-  <Image alt="Create ZITADEL Application S7" inStep src="https://github.com/lobehub/lobe-chat/assets/8692892/d12a2661-7b98-484f-8f3d-07e84d42ae08" />
+<Image
+  alt="Create ZITADEL Application S7"
+  inStep
+  src="https://github.com/lobehub/lobe-chat/assets/8692892/d12a2661-7b98-484f-8f3d-07e84d42ae08"
+/>
 
-  ### Configure Environment Variables
+### Configure Environment Variables
 
-  When deploying LobeChat, you need to configure the following environment variables:
+When deploying LobeChat, you need to configure the following environment variables:
 
-  | Environment Variable    | Type     | Description                                                                                                                                                                                         |
-  | ----------------------- | -------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
-  | `ENABLE_OAUTH_SSO`      | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on.                                                                                                                      |
-  | `NEXTAUTH_SECRET`       | Required | Key used to encrypt Auth.js session tokens. You can generate a key using the following command: `openssl rand -base64 32`                                                                           |
-  | `SSO_PROVIDERS`         | Optional | Select the single sign-on provider for LoboChat. Use `zitadel` for ZITADEL.                                                                                                                         |
-  | `ZITADEL_CLIENT_ID`     | Required | Client ID (`ClientId` as shown in ZITADEL) of the ZITADEL application                                                                                                                               |
-  | `ZITADEL_CLIENT_SECRET` | Required | Client Secret (`ClientSecret` as shown in ZITADEL) of the ZITADEL application                                                                                                                       |
-  | `ZITADEL_ISSUER`        | Required | Issuer URL of the ZITADEL application                                                                                                                                                               |
-  | `ACCESS_CODE`           | Required | Add a password to access this service. You can set a sufficiently long random password to "disable" access code authorization.                                                                      |
-  | `NEXTAUTH_URL`          | Optional | The URL is used to specify the callback address for the execution of OAuth authentication in Auth.js. It needs to be set only when the default address is incorrect. `https://example.com/api/auth` |
+| Environment Variable | Type | Description |
+| --- | --- | --- |
+| `ENABLE_OAUTH_SSO` | Required | Enable single sign-on (SSO) for LobeChat. Set to `1` to enable single sign-on. |
+| `NEXTAUTH_SECRET` | Required | Key used to encrypt Auth.js session tokens. You can generate a key using the following command: `openssl rand -base64 32` |
+| `SSO_PROVIDERS` | Optional | Select the single sign-on provider for LoboChat. Use `zitadel` for ZITADEL. |
+| `ZITADEL_CLIENT_ID` | Required | Client ID (`ClientId` as shown in ZITADEL) of the ZITADEL application |
+| `ZITADEL_CLIENT_SECRET` | Required | Client Secret (`ClientSecret` as shown in ZITADEL) of the ZITADEL application |
+| `ZITADEL_ISSUER` | Required | Issuer URL of the ZITADEL application |
+| `ACCESS_CODE` | Required | Add a password to access this service. You can set a sufficiently long random password to "disable" access code authorization. |
+| `NEXTAUTH_URL` | Optional | The URL is used to specify the callback address for the execution of OAuth authentication in Auth.js. It needs to be set only when the default address is incorrect. `https://example.com/api/auth` |
 
   <Callout type={'tip'}>
     You can refer to the related variable details at [📘Environment Variables](/en/self-hosting/environment-variables/auth#zitadel).
@@ -76,5 +105,6 @@ tags:
 </Steps>
 
 <Callout>
-  After successful deployment, users will be able to authenticate and use LobeChat using existing users configured in ZITADEL.
+  After successful deployment, users will be able to authenticate and use LobeChat using existing
+  users configured in ZITADEL.
 </Callout>