Red Hat Internal Developer Platform / RHIDP-2679

Out of the box the OIDC auth provider reports "The OIDC provider is not configured to support sign-in"

    • Bug
    • Resolution: Done
    • Blocker
    • 1.2
    • Authentication

      The OIDC authentication provider now supports declarative configuration of the resolver via the `app-config.*.yaml` file. If no configuration is provided, it defaults to the `emailLocalPartMatchingUserEntityName` resolver.

      To override the default resolver, choose one of the following resolvers (comment out the ones you don't want) in your `app-config.*.yaml` configuration file:

      [source,yaml]
      ----
      auth:
        providers:
          oidc:
            production:
              # Other Fields
              signIn:
                resolvers:
                  - resolver: preferredUsernameMatchingUserEntityName
                  - resolver: emailMatchingUserEntityProfileEmail
                  - resolver: emailLocalPartMatchingUserEntityName
      ----
    • Enhancement
    • RHDH Core Team 3258

      Description of problem:

      When setting up the OIDC auth provider, if the user doesn't configure a username mapping resolver, the provider will complain with:

      "The OIDC provider is not configured to support sign-in"

      Because the user needs to configure one of these as mentioned here.

      Ideally the product should default to the previous mapping behavior (preferredUsernameMatchingUserEntityName) as that satisfies probably most use cases.

            rh-ee-frkong Frank Kong
            stlewis_2 Stan Lewis
            RHIDP - Plugins
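
How the three resolvers named in the release note map OIDC claims to catalog users, as an added TypeScript example that is not Backstage or RHDH source code. It is a simplified model: the types, the `resolveSignIn` helper, the `user:default/` reference format, the try-in-listed-order behaviour and the sample catalog are assumptions constructed for illustration.

```typescript
// Simplified model of a declarative sign-in resolver chain (assumption, not product code).
type Claims = { email?: string; preferred_username?: string };
type UserEntity = { name: string; profileEmail?: string };
type Resolver = (claims: Claims, catalog: UserEntity[]) => string | undefined;

// Return an entity reference when a User entity with this name exists.
const byName = (catalog: UserEntity[], name?: string): string | undefined =>
  name !== undefined && catalog.some(u => u.name === name)
    ? `user:default/${name}`
    : undefined;

const resolvers: Record<string, Resolver> = {
  // Compares the preferred_username claim with the entity name.
  preferredUsernameMatchingUserEntityName: (c, cat) => byName(cat, c.preferred_username),
  // Compares the full e-mail address with the entity's profile e-mail.
  emailMatchingUserEntityProfileEmail: (c, cat) => {
    const hit = cat.filter(u => c.email !== undefined && u.profileEmail === c.email)[0];
    return hit ? `user:default/${hit.name}` : undefined;
  },
  // Compares only the part before "@" with the entity name; the domain is ignored.
  emailLocalPartMatchingUserEntityName: (c, cat) => byName(cat, c.email?.split("@")[0]),
};

// Resolvers are tried in the order listed in the config (assumption); first match wins.
function resolveSignIn(order: string[], claims: Claims, catalog: UserEntity[]): string {
  for (const name of order) {
    const resolver = resolvers[name];
    if (!resolver) throw new Error(`unknown resolver: ${name}`);
    const ref = resolver(claims, catalog);
    if (ref) return ref;
  }
  throw new Error("unable to resolve user identity");
}

// Constructed sample catalog; names and addresses are placeholders.
const catalog: UserEntity[] = [
  { name: "jdoe", profileEmail: "jdoe@corp.example" },
  { name: "asmith", profileEmail: "alice.smith@corp.example" },
];

// The default described in the release note when no resolver is configured.
const DEFAULT_ORDER = ["emailLocalPartMatchingUserEntityName"];
```

With `DEFAULT_ORDER`, any address whose local part is `jdoe` resolves to the same user regardless of domain, while `alice.smith@corp.example` does not resolve at all because no entity is named `alice.smith`; `emailMatchingUserEntityProfileEmail` resolves the second case and rejects a mismatched domain in the first.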