ericfranz
commented
7 years ago Removed the subject claim, which didn't seem to add useful information (though maybe it would in the future if one of the other claims didn't correctly identify the subject in a human readable form?)
Remember, the default REMOTE_USER for mod_auth_openid is sub@iss
Display more headers for IDP you are linking to so when logging in with Keycloak you see something more than
i.e.:
We display Issuer, Subject, and Preferred Username headers, if they exist. This means when linking a CILogon account, the user will see:
Instead of:
Though displaying subject might be unnecessary.