It would be helpful to have a comprehensive documentation of the endpoints to help configure Authelia correctly in real life environments.

Add encryption support to access token as JWT.

I've had some issues recently using this bundle with Symfony 4.4 when deploying applications behind a TLS-terminating reverse proxy (such as AWS ELB, Heroku, etc.). I've figured out that I need to tell onelogin-saml to trust the proxy (as it doesn't use the symfony configuration for this).

I fixed my issue by adding the following code in my public/index.php:

if ($trustedProxies = $_SERV

Both in 3.1.7 and 4.0 a certain log message appears in oxtrust.log at the end of each metadata validation cycle:

2019-1021 18:33:06,457 DEBUG [ForkJoinPool.commonPool-worker-2] [org.gluu.oxtrst.ldap.serviceMetadataValidationTimer] (MetadataValidationTimer.java:116) - Metadata validatin finished with result: 'false'

It's always "result: false", even when metadata is valid an all TRs f

A separate page detailing the latest changes/a full changelog should be added, informing users about any recent feature additions or bugfixes. Admins should have edit access on that page, allowing for new entries to be quickly created using the frontend only.
To increase the visibility of updates, a new notification type could be added, being automatically sent to every user upon button-click by