Allow empty clientSecret

[dborysenko]

Is your feature request related to a problem? Please describe. It is a valid use case where OIDC Provider does not require client secret for a client. It would make sense to allow loginapp to accept no client secret.

Describe the solution you'd like Make clientSecret field optional.

Describe alternatives you've considered

Additional context

[fydrah]

Hi @dborysenko !

Ok, I didn't know this was possible, by any chance do you have an example or a documentation I could refer to for testing purpose?

[dborysenko]

Hey @fydrah, Thanks for quick response. My use case is AWS EKS clusters using OIDC provider for authentication/authorization. EKS do not require clientSecret, moreover it does not even support clientSecret. Please refer to AWS doc: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-eks-identityproviderconfig-oidcidentityproviderconfig.html

[adrahun]

Hi, still would be nice to have such an option! (example - Dex supports public clients).