Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make an OIDC IdPaccess_token available to the reconcile lambda #2494

Closed
1 task done
andrewpai opened this issue Oct 3, 2023 · 1 comment
Closed
1 task done

Make an OIDC IdPaccess_token available to the reconcile lambda #2494

andrewpai opened this issue Oct 3, 2023 · 1 comment
Assignees
@robotdan
Labels
enhancement New feature or request openid-connect
Projects
FusionAuth Issues
Milestone
1.48.0

Comments

@andrewpai
Copy link

andrewpai commented Oct 3, 2023
edited by robotdan

Make an OIDC identity provider's access_token available to the reconcile lambda

Problem

When using an OIDC identity provider, it would be useful to have the user's access token from the provider available to the reconcile lambda. This would allow the lambda to make API calls using the access token.

Solution

Provide the identity provider's access token for the authenticated user to the reconcile lambda.

Alternatives/workarounds

A lambda could potentially use a hardcoded API key for making calls to external APIs, however this isn't the best solution as authorization and auditing in the context of the user is impossible.

Related

Community guidelines

All issues filed in this repository must abide by the FusionAuth community guidelines.

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.

Documentation

  • Document new argument to the OpenID Connect reconcile lambda that contains the id_token and access_token

Release Notes

Expose the access_token returned by the Identity Provider to the Reconcile Lambda function. The access_token will now be passed to the lambda function in the tokens argument. Example: tokens.access_token.
@robotdan robotdan mentioned this issue Oct 11, 2023
Closed
1 task
@robotdan robotdan self-assigned this Oct 17, 2023
@robotdan robotdan added enhancement New feature or request openid-connect labels Oct 17, 2023
@robotdan robotdan added this to the 1.48.0 milestone Oct 17, 2023
@robotdan robotdan mentioned this issue Oct 17, 2023
Closed
1 task
@robotdan robotdan added this to In progress in FusionAuth Issues Oct 17, 2023
@robotdan
Copy link
Member

Handling via #2501

@robotdan robotdan moved this from In progress to Code complete in FusionAuth Issues Oct 17, 2023
@robotdan robotdan changed the title Make an OIDC identity provider's access token available to the reconcile lambda Make an OIDC IdPaccess_token available to the reconcile lambda Oct 20, 2023
@robotdan robotdan moved this from Code complete to Delivered in FusionAuth Issues Oct 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@robotdan robotdan

Labels
enhancement New feature or request openid-connect
Projects
FusionAuth Issues
  
Delivered
Milestone
1.48.0
Development

No branches or pull requests
2 participants
@robotdan @andrewpai