New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Parameter forwarding to OIDC auth URL #2069
Comments
That's a valid point! Do you need to set these always from the callee or do you want to set those globally per provider? |
In my case I need to always pass the |
Ok, got it. I think we could include parameters which would be set by clients usually (such as login_hint, or locale). Would you be interested in contributing this change? First we should agree on a list of parameters that should be passable. |
I have limited experience with Golang but I'm happy to take a stab at it since the scope is small and seems pretty straightforward. I'll put together a brief proposal before I get started, including a parameter list to agree on. |
Hello contributors! I am marking this issue as stale as it has not received any engagement from the community or maintainers for a year. That does not imply that the issue has no merit! If you feel strongly about this issue
Throughout its lifetime, Ory has received over 10.000 issues and PRs. To sustain that growth, we need to prioritize and focus on issues that are important to the community. A good indication of importance, and thus priority, is activity on a topic. Unfortunately, burnout has become a topic of concern amongst open-source projects. It can lead to severe personal and health issues as well as opening catastrophic attack vectors. The motivation for this automation is to help prioritize issues in the backlog and not ignore, reject, or belittle anyone. If this issue was marked as stale erroneously you can exempt it by adding the Thank you for your understanding and to anyone who participated in the conversation! And as written above, please do participate in the conversation if this topic is important to you! Thank you 🙏✌️ |
@Benehiko is actually working on this atm |
Preflight checklist
Describe your problem
I'm connecting to a OIDC provider that accepts query params described in the OIDC specification. In particular, I need to pass the
login_hint
query param to the auth URL. This is a per-request value so it can't be a config value or hardcoded in a OIDC strategy.For example, Keycloak's auth request supports parameter forwarding to the auth URL of any upstream IdPs. https://www.keycloak.org/docs/latest/securing_apps/#_params_forwarding
For context, the flow I'm trying to achieve is
Describe your ideal solution
When submitting a login/registration flow where
method: 'oidc'
, I'd like to pass extra arguments that will be forwarded as query params to the auth url of the oidc provider. I think adding aparams
object to the submit payload containing key/value parameters would be a feasible solution for this.Workarounds or alternatives
I haven't found any suitable workarounds yet.
Version
v0.8.0-alpha.3
Additional Context
No response
The text was updated successfully, but these errors were encountered: