Skip to main content

Questions tagged [openid-connect]

Ask Question

OpenID Connect (OIDC) is a REST-friendly protocol for the (possibly cross-domain) exchange of user identity built on top of the OAuth 2.0 and JWT specifications.

openid-connect
5,636 questions
Newest Active Bountied Unanswered
0 votes
0 answers
12 views

Ajax and non-Ajax calls with OIDC in Helidon SE

We're developing a Single-Page Application using Helidon SE as the api and webserver. We are struggling how to configure OIDC authentication using Auth0. We are not sure about the following: If the ...
Christopher Schank's user avatar
Christopher Schank
  • 101
0 votes
1 answer
27 views

Keycloak refresh token expired early

I am using Keycloak as my identity provider for my React project. On user login, I am getting an access token and a refresh token. When my access token is expired, I will use the refresh token to get ...
Prifulnath's user avatar
Prifulnath
  • 483
0 votes
1 answer
25 views

Why is openid-configuration returning 404 (Spring Authorization Server)

I have following SecurityConfig: package auth import classLogger import com.nimbusds.jose.jwk.JWKSet import com.nimbusds.jose.jwk.RSAKey import com.nimbusds.jose.jwk.source.ImmutableJWKSet import com....
Simao Gomes Viana's user avatar
Simao Gomes Viana
  • 520
0 votes
1 answer
32 views

In Azure AD B2C who provides the ID token?

I am trying to get my head around the concept. You have an azure B2C, and have two external IDP's configured. I guessed that the ID token was provided by the Azure B2C and not the external IDP which ...
Killerbe's user avatar
Killerbe
  • 3
0 votes
0 answers
19 views

Correct flow for retrieving access token of OIDC provider using Firebase Auth in Flutter

I'm using Firebase Auth in my app and I'm signing in using an OAuthProvider like this: final credential = await FirebaseAuth.instance.signInWithProvider( OAuthProvider('oidc.my-oidc-provider') .....
katkak's user avatar
katkak
  • 199
0 votes
1 answer
42 views

How can I create a custom grant type in Keycloak?

I'm working on a project where I need to implement a custom grant type in Keycloak to meet specific authentication requirements. I've looked through the Keycloak documentation, but I'm having trouble ...
Shades's user avatar
Shades
  • 1
0 votes
0 answers
27 views

Spring authorization server RP-initiated logout not working

I have a project with spring gateway as oauth client for spring authorization server. Everything is working fine in terms of oidc authentication besides the logout. Logout does not work due to CORS, ...
IonutB's user avatar
IonutB
  • 73
0 votes
1 answer
46 views

Error: Not authorized to perform sts:AssumeRoleWithWebIdentity during OIDC when a PR get merged into main

I'm trying to assume a role of AWS using OIDC in my github action file but it's saying "Error: Not authorized to perform sts:AssumeRoleWithWebIdentity" When we merge PR into main but if I ...
MJ Ghani's user avatar
MJ Ghani
  • 3
0 votes
1 answer
41 views

Android Login to OAuth2 client

I have a Spring server which acts as an API gateway for some microservices. The way I handle login is by using Keycloak as a IAM, and the Gateway as an OAuth2 Client with authentication code flow. Now ...
Brendon Mendicino's user avatar
Brendon Mendicino
  • 11
0 votes
0 answers
10 views

window.addEventListener('load',... does not trigger on Chrome on iOS (iPad)

We are using identity Server 4. We are using .NET Core RazorPages web-applications. They authenticate via openid-connect While authentificating,the client is redirected to a html page with a hidden ...
Hagen Munsch's user avatar
Hagen Munsch
  • 3
0 votes
1 answer
32 views

Best Practices for Associating userId (from JWT) with Google OAuth Tokens

I have a few questions regarding the OAuth flow in a hypothetical context. Let's imagine the following situation: we have a JavaScript client (React JS), a Keycloak server, and a REST API (Spring Boot)...
emerick biron's user avatar
emerick biron
  • 87
0 votes
0 answers
26 views

OpenID Connect authentication in ASP.NET Core: filter by tenant ID

I am developing an ASP.NET Core MVC application that uses Microsoft Entra ID for authentication. The application is designed to support multiple tenants, and I want to restrict access so that only ...
StanSm789's user avatar
StanSm789
  • 23
0 votes
0 answers
27 views

Which OAuth flow to use for on-prem web apps and Google login?

We are building an application that has a web UI and gets installed on-premise by customers. We want to support customers' employees to log into the application using their (work) Google accounts, ...
Martin Geisse's user avatar
Martin Geisse
  • 1,319
0 votes
1 answer
42 views

OIDC with PKCE : possible to put token in httpOnly cookie?

I have a front end Angular SPA application with some business spring boot backend APIs The authentication process (OIDC PKCE) is managed by Angular and angular-oauth2-oidc npm library. Basically it ...
AntonBoarf's user avatar
AntonBoarf
  • 1,273
0 votes
1 answer
35 views

play -pac4j oidc password grant send redirect url to torken end point

implementing play-pac4j oidc feature with keyclock. I need it to support only for direct access grant but play-pac4j request sends redirect_url as request parameter and getting error < Invalid ...
Kaushal Senevirathne's user avatar
Kaushal Senevirathne
  • 1

15 30 50 per page
1
2 3 4 5
376