Closed marcowartmann closed 7 months ago
See the thread last time this came up:
https://github.com/coreos/go-oidc/issues/215#issuecomment-535134805
The general issue for trying to figure out Azure support is https://github.com/coreos/go-oidc/issues/344
The OpenID discovery spec that covers forming the well-known path is https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfig, which doesn't mention a strategy for URL parameters:
"OpenID Providers supporting Discovery MUST make a JSON document available at the path formed by concatenating the string /.well-known/openid-configuration to the Issuer."
I don't think I want to make any changes to the library without figuring out a strategy for Azure (#344).
You may want to take a look at https://pkg.go.dev/github.com/coreos/go-oidc/v3/oidc#ProviderConfig, which was added explicitly for these kinds of issues where users need to work with providers with non-standard discovery.
Probably going to close this one out?
Ah yeah, this is a dupe of https://github.com/coreos/go-oidc/issues/290
OIDC is not working when Entra ID "App Registration" is configured with custom APIs.
The issue occurs because the well-known openid-configuration and jwks uri must use an added parameter in the URL with appid specified
Well known openid configuration:
https://login.microsoft.com/<tenant-id>/discovery/v2.0/.well-known/openid-configuration?appid=<app-id>
jwks uri:
https://login.microsoft.com/<tenant-id>/discovery/v2.0/keys?appid=<app-id>
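A sketch of the manual-discovery route the thread points to, added here as an example and not taken from go-oidc or from any commenter: it builds the discovery URL with the `appid` parameter, repeats the issuer comparison on a document the caller fetched, and pins `appid` on `jwks_uri`, yielding values to copy into the `IssuerURL` and `JWKSURL` fields of `oidc.ProviderConfig`. It uses only the standard library; `Endpoints`, `withAppID`, `DiscoveryURL` and `ParseDiscovery` are hypothetical names, and `idp.example`, `tenant-1` and `app-123` are constructed placeholders.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/url"
	"strings"
)

// Endpoints holds the values a caller would copy into oidc.ProviderConfig.
type Endpoints struct {
	Issuer  string `json:"issuer"`
	JWKSURI string `json:"jwks_uri"`
}

// withAppID sets the appid query parameter on an absolute HTTPS URL.
func withAppID(raw, appID string) (string, error) {
	u, err := url.Parse(raw)
	if err != nil || u.Scheme != "https" || u.Host == "" {
		return "", fmt.Errorf("refusing URL %q (must be absolute HTTPS)", raw)
	}
	q := u.Query()
	q.Set("appid", appID)
	u.RawQuery = q.Encode()
	return u.String(), nil
}

// DiscoveryURL forms Issuer + /.well-known/openid-configuration, then adds appid.
func DiscoveryURL(issuer, appID string) (string, error) {
	return withAppID(strings.TrimSuffix(issuer, "/")+"/.well-known/openid-configuration", appID)
}

// ParseDiscovery checks the issuer of a fetched document and pins appid on jwks_uri.
func ParseDiscovery(body []byte, wantIssuer, appID string) (e Endpoints, err error) {
	if err = json.Unmarshal(body, &e); err != nil {
		return Endpoints{}, err
	}
	if e.Issuer != wantIssuer {
		return Endpoints{}, fmt.Errorf("issuer mismatch: got %q, want %q", e.Issuer, wantIssuer)
	}
	e.JWKSURI, err = withAppID(e.JWKSURI, appID)
	return e, err
}

func main() {
	// Constructed sample: idp.example, tenant-1 and app-123 are placeholders.
	doc := `{"issuer":"https://idp.example/tenant-1/v2.0","jwks_uri":"https://idp.example/tenant-1/discovery/v2.0/keys"}`
	fmt.Println(ParseDiscovery([]byte(doc), "https://idp.example/tenant-1/v2.0", "app-123"))
}
```

The issuer comparison is done here because a hand-built provider configuration is not checked against the discovery document the way automatic discovery is.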