You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If userInfoEndpoint is provided by property, I'd like the application to fetch claims by making a request to the userinfo endpoint.
Is it possible to implement this feature?
Why is this needed:
Hi, PipeCD dev team.
Since the release v0.49.0, I have been trying to configure SSO using Generic OIDC.
Our team is using Okta as an identity provider.
I'm encountering an issue where Okta doesn't seem to be returning custom claims within the ID token.
The Documentation says the following:
The full set of claims for the requested scopes is available via the /oauth2/v1/userinfo endpoint. Call this endpoint using the access token.
What would you like to be added:
If
userInfoEndpoint
is provided by property, I'd like the application to fetch claims by making a request to the userinfo endpoint.Is it possible to implement this feature?
Why is this needed:
Hi, PipeCD dev team.
Since the release v0.49.0, I have been trying to configure SSO using Generic OIDC.
Our team is using Okta as an identity provider.
I'm encountering an issue where Okta doesn't seem to be returning custom claims within the ID token.
The Documentation says the following:
https://developer.okta.com/docs/api/openapi/okta-oauth/guides/overview/#scope-dependent-claims-not-always-returned
it seems that the
userInfoEndpoint
property in SSOConfigOIDC isn't being used.(authorizationEndpoint
andtokenEndpoint
too)https://pipecd.dev/docs-v0.49.x/user-guide/managing-controlplane/configuration-reference/#ssoconfigoidc
These are additional references from Okta.
https://support.okta.com/help/s/article/How-To-Add-Custom-Profile-Attributes-As-Claims-In-a-ID-Token-or-userinfo?language=en_US
https://developer.okta.com/docs/api/openapi/okta-oauth/oauth/tag/OrgAS/#tag/OrgAS/operation/userinfo
The text was updated successfully, but these errors were encountered: