Details
-
Feature Request
-
Resolution: Done
-
Critical
-
None
-
None
-
None
-
False
-
None
-
False
-
Not Selected
-
0
-
0%
Description
1. Proposed title of this feature request
Allow oauth operator to ignore userinfo url from discovery
2. What is the nature and description of the request?
we have some issues to integrate ADFS openid provider with openshift.
It's observed in plenty of customers that when the token is customized we have this error at ADFS side:
MSIS9921: Received invalid UserInfo request. Audience 'microsoft:identityserver:e73c01dd-6e31-4785-b5dc-7f198d5dd0b9' in the access token is not same as the identifier of the UserInfo relying party trust 'urn:microsoft:userinfo'."
the only way we manage to integrate is to ignore userinfo url. In that case we will be skipping:
and that will allow to have this integration working.
This should be solved at ADFS side.
I am reporting this RFE just in case we want to manage this integration from our side.
Attachments
Issue Links
- is duplicated by
-
RFE-3596 Support for ADFS openid identity provider.
- Rejected
- links to