Updated OIDC documentation. Added Zitadel OIDC integration documentation

.docs/oidc/uid/README.md

@@ -2,22 +2,22 @@
 
 ## 1. UID Application Configuration
 
-### Step 1: Log in to your Identity Enterprise Workspace
+### Step 1: Log in to the Identity Enterprise Workspace
 
 1. Access the UID workspace (e.g., `https://your-site.ui.com`).
 2. Log in with your credentials.
 
 ![UID Workspace](images/uid_workspace.png)
 
-### Step 2: Navigate to the Manager portal and create a new application
+### Step 2: Create a new application
 
 1. Select the `Manager Portal`. You will be prompted to verify with MFA.
-2. Once signed in select `SSO Apps` in the left-hand menu.
-3. Press the Plus button in the top right-hand corner.
+2. Select `SSO Apps` in the left-hand menu.
+3. Press the **Plus** button in the top right-hand corner.
 4. Select `Add Custom App`
 5. Select `OIDC` from the menu
 6. Fill in the details for your application.
-   The crucial fields needed are `Initiate Sign-In URI` and `Sign-In Redirect URI`.
+   The required fields needed are `Initiate Sign-In URI` and `Sign-In Redirect URI`.
 
    Initiate Sign-In URI - (e.g., `https://voucher.example.com`)
    Sign-In Redirect URI - (e.g., `https://voucher.example.com/callback`)
@@ -32,32 +32,22 @@
 ![UID Add OIDC App](images/uid_add_oidc_app.png)
 ![UID Tool Collection App](images/uid_tool_collection_app.png)
 
-### Step 3: Create or update your application configuration
+---
 
-> Attention!: UID currently only supports the `confidential` Client Type.
+## 2. UniFi Voucher Site Configuration
 
-1. Copy the values from your `Well Known Config Endpoint`, `Client ID` and `Client Secret` into your application configuration. Then set the `AUTH_OIDC_CLIENT_TYPE` to `confidential`.
+Now, configure your UniFi Voucher Site to use the UID client.
 
-`docker-compose.yml`
-```yaml
-      AUTH_OIDC_ISSUER_BASE_URL: 'https://your-site.ui.com/gw/idp/api/v1/public/oauth/your-secret-token/.well-known/openid-configuration'
-      AUTH_OIDC_APP_BASE_URL: 'voucher.example.com'
-      AUTH_OIDC_CLIENT_ID: 'atlafa3i2j5ebhna5ds3hsxpx'
-      AUTH_OIDC_CLIENT_TYPE: 'confidential'
-      AUTH_OIDC_CLIENT_SECRET: 'vcusek6ixxjgxvvo57dqohxcjtjlqfutldvtbgycmpqltzt7zo'
-```
+1. In your UniFi Voucher Site configuration, set `AUTH_OIDC_CLIENT_TYPE` as `confidential`.
+2. Set the `AUTH_OIDC_CLIENT_ID` as found within the UID Application.
+3. Provide the `AUTH_OIDC_CLIENT_SECRET` as found within the UID Application.
+4. Provide the `AUTH_OIDC_ISSUER_BASE_URL` from your UID domain (e.g., `https://your-site.ui.com/gw/idp/api/v1/public/oauth/your-secret-token/.well-known/openid-configuration`).
+5. Provide the `AUTH_OIDC_APP_BASE_URL` from your UniFi Voucher Site instance (e.g., `https://voucher.example.com`).
+6. Restart the container after these changes
 
-2. Build your application or update it.
+---
 
-```bash
-sudo docker-compose up -d
-```
-
-```bash
-sudo docker-compose up -d --force-recreate
-```
-
-### Testing OIDC Sign-In
+## 3. Testing and Troubleshooting
 
 **From `UID Workspace`**
 
@@ -67,14 +57,14 @@ Navigate to the Applications section and select your application. This will laun
 ![UID Demo Sign-In](images/uid_demo_sign_in.png)
 ![UID OIDC Sign-In Success](images/uid_oidc_sign_in_success.png)
 
-**External Sign In form outside of UID**
+**External Sign In from outside of UID**
 
 > Notice: You will only be prompted for UID sign-in if you have not signed in within your predefined sign in policy in UID.
 
 Access your application via the `Initiate Sign-In URI` this will prompt a new window to sign in to UID. Once you sign in you will be redirected back to your application.
 
-![uid-signin}](images/uid_sign_in.png)
-![demo-signin](images/uid_demo_sign_in.png)
+![UID Sign-In](images/uid_sign_in.png)
+![UID Demo Sign-In](images/uid_demo_sign_in.png)
 ![UID OIDC Sign-In Success](images/uid_oidc_sign_in_success.png)
 
 That's it you now have OIDC setup and can sign in to your application!