NeuraLegion/brokencrystals

Add support for OIDC

Closed this issue · 0 comments

derevnjuk commented

OIDC authentication should be configured as follows:

client credentials grant:

  • Token is embedded in Authorization header
  • The OAuth parameters (client_id, etc.) should be shown to the user on the OIDC login page

user password grant

  • Token is embedded in Cookie (e.g. auth_token=XYZ)
  • The OAuth parameters (client_id etc.) should be shown to the user on the OIDC login page