document limitations in the OpenID Connect connector #1157

ericchiang · 2017-12-21T01:13:27Z

robszumski · 2017-12-21T05:18:43Z

Documentation/oidc-connector.md

@@ -8,11 +8,9 @@ Prominent examples of OpenID Connect providers include Google Accounts, Salesfor

 ## Caveats

-Many OpenID Connect providers implement different restrictions on refresh tokens. For example, Google will only issue the first login attempt a refresh token, then not return one after. Because of this, this connector does not refresh the id_token claims when a client of dex redeems a refresh token, which can result in stale user info.
+This connector does not support the "groups" claim. Progress for this is tracked in [issue #1065][issue-1065].


what this means is....

document limitations in the OpenID Connect connector

document limitations in the OpenID Connect connector

0811d1a

diegs approved these changes Dec 21, 2017

View reviewed changes

ericchiang merged commit 053c476 into dexidp:master Dec 21, 2017

ericchiang deleted the conn-oidc-doc-groups branch December 21, 2017 01:20

robszumski reviewed Dec 21, 2017

View reviewed changes

mmrath pushed a commit to mmrath/dex that referenced this pull request Sep 2, 2019

Merge pull request dexidp#1157 from ericchiang/conn-oidc-doc-groups

98844a5

document limitations in the OpenID Connect connector

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

document limitations in the OpenID Connect connector #1157

document limitations in the OpenID Connect connector #1157

ericchiang commented Dec 21, 2017 •

edited

robszumski Dec 21, 2017

document limitations in the OpenID Connect connector #1157

document limitations in the OpenID Connect connector #1157

Conversation

ericchiang commented Dec 21, 2017 • edited

robszumski Dec 21, 2017

Choose a reason for hiding this comment

ericchiang commented Dec 21, 2017 •

edited