You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Currently, a number of OIDC configuration settings are derived by Gloo Edge by inspecting the values at <issuerUrl>/.well-known/openid-configuration. Sometimes Okta users in particular need to change these settings to use endpoints that are not associated with the sub-domain that Okta assigns them.
Describe the solution you'd like
OIDC users should be able to override one or more of the configuration settings derived from the .well-known/openid-configuration endpoint to point to alternatives available from their service provider.
The text was updated successfully, but these errors were encountered:
These APIs are separate because in other extauth apis (e.g. ApiKey auth) we use the user-provided config and gloo snapshot to derive the server config that gets sent to the extauth service. In this case, the APIs are the same (for now).
Proposal is to add new API (arbitrary json override) to both APIs, propagate that to Gloo and then to the Extauth service, and then use that in the service to choose the endpoints.
Is your feature request related to a problem? Please describe.
Currently, a number of OIDC configuration settings are derived by Gloo Edge by inspecting the values at
<issuerUrl>/.well-known/openid-configuration
. Sometimes Okta users in particular need to change these settings to use endpoints that are not associated with the sub-domain that Okta assigns them.Describe the solution you'd like
OIDC users should be able to override one or more of the configuration settings derived from the
.well-known/openid-configuration
endpoint to point to alternatives available from their service provider.The text was updated successfully, but these errors were encountered: