Support for OIDC providers which expose .well-known/openid-configuration
#89
Comments
|
would that mean using JWKS uri to validate jwt among other cases? I am all in for it! We have already implemented a solution for our OIDC provider, and the approach is pretty much provider-agnostic. Would love to check in that code here @atinux if it is open to PR. |
|
I think what I mean is basically what #25 aims to implement (which I only found after opening this issue) but I would have to double check that PR |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I was sad to see that the closest thing currently available is the Keycloak provider however that mandates usage of a realm. Many OIDC providers providers, especially FOSS ones which you can self-host provide a standardized
well-known/openid-configurationendpoint where all further endpoints and supported values are exposed. It would be great to support this and would eliminate the need for many specialized providers. Ideally, there is a general manualOIDC provider where one can manually set the authorization/token/userinfo/revokation etc endpoint and one wellKnownOIDC provider which simply takes a single URL, fetches the values and delegates the rest to the manualOIDC provider.The text was updated successfully, but these errors were encountered: