-
Feature Request
-
Resolution: Unresolved
-
Undefined
-
None
-
None
-
None
-
False
-
None
-
False
-
Not Selected
-
0
-
0%
-
-
1. Proposed title of this feature request
Allow multiple redirectURIs for ArgoCD
2. What is the nature and description of the request?
Customers want to be able to use multiple hostnames for the ArgoCD server, that would require creating a list of acceptable redirectURIs when passed through to an SSO provider.
3. Why does the customer need this? (List the business requirements here)
To have the ability to login to the ArgoCD instance from more than one host URL, e.g. argocd.example.com as well as argocd.apps.example.com. This might be useful when managing different DNS zones, or if using a vanity URL as a method of failover between two argocd instances that might be managing resources in another cluster.
4. List any affected packages or components.
oidc client in ArgoCD:
https://github.com/argoproj/argo-cd/blob/master/util/oidc/oidc.go#L240
possibly Dex needs to also support multiple redirect URLs:
https://github.com/dexidp/dex/blob/665a5b627c5f257c821a09bf08209795be7dfe51/connector/openshift/openshift.go#L30
Keycloak already supports redirectURI patterns and would probably be an easier update:
https://github.com/argoproj-labs/argocd-operator/blob/acee651b65adc76bb3a7da0bd912bf2eb087811e/controllers/argocd/keycloak.go#L846