-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sample configurations #71
Comments
Making use of the metadata URLs sounds awesome. I definitely want to look into that. In this case, yes the End Session Endpoint URL is meant to be that URL where the access token is revoked. But, it is very simple and expects the url will automatically handle the revocation upon being visited (GET request). I've not tested this with Google, do they expect a POST request or something more than simply hitting a URL? |
To answer the question about "End Session Endpoint URL", I used this endpoint and it seems to work fine (although I don't actually know if it's doing anything on Google's end): https://oauth2.googleapis.com/revoke It's listed at https://accounts.google.com/.well-known/openid-configuration as the "revocation_endpoint". |
Noting that the Wiki has been compiling IDP setup guides. Additionally, one of the nect major releases is going to include using the OIDC configuration discovery endpoint to pre-configure the plugin settings. |
It's supposed that Google is a supported openid provider.
It already provides a metadata URL which should ease configuration:
https://accounts.google.com/.well-known/openid-configuration
Anyway the "End Session Endpoint URL" is not clear. Is it actually what Google calls a "revocation_endpoint"?
Samples of configuration for common providers would be welcome or, better, make use of the metadata URL to automatically fill the fields.
The text was updated successfully, but these errors were encountered: