From 8acca96b801519a3afb51bc79f861470665e3653 Mon Sep 17 00:00:00 2001
From: Myles K <11828103+myleskeeffe@users.noreply.github.com>
Date: Wed, 5 Feb 2025 13:55:40 +0800
Subject: [PATCH] docs: Update settings.rst

Added OIDC_REDIRECT_ALLOWED_HOSTS setting to the documentation.
---
 docs/settings.rst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/docs/settings.rst b/docs/settings.rst
index eee208fb..2603e4b4 100644
--- a/docs/settings.rst
+++ b/docs/settings.rst
@@ -127,6 +127,18 @@ of ``mozilla-django-oidc``.
    Sets the maximum number of State / Nonce combinations stored in the session.
    Multiple combinations are used when the user does multiple concurrent login sessions.
 
+.. py:attribute:: OIDC_REDIRECT_ALLOWED_HOSTS
+
+   :default: ``None``
+
+   List of hosts which are allowed to be redirected to (must be of List type).
+   The redirect URL specified by the OIDC_REDIRECT_FIELD_NAME field must match a host
+   in this list.
+
+   .. note::
+
+      Whilst there is no default, a request's host is always allowed.
+
 .. py:attribute:: OIDC_REDIRECT_FIELD_NAME
 
    :default: ``next``