Describe the bug
The Okta authentication provider does not work in all use cases. In Okta Preview and Trial instances, the default authorization server URI is /oauth2/default/v1/.... In other instances, the default authorization server URI is /oauth2/v1/.... Additionally, Okta customers have the ability to implement other custom authorization servers with different URIs.
To reproduce
Configure an authorization server in Okta that does not use the default URL pattern.
Set up a Mage instance configured with the new Okta server as the authentication provider.
Attempt to log in.
Login will fail.
Expected behavior
Currently, Mage has the oauth2/default/v1/... URL pattern hardcoded into the authentication provider for Okta. Instead, using the OKTA_DOMAIN_URL provided in the settings, the provider should discover the appropriate endpoints for authentication using the https://{OKTA_DOMAIN_URL}/.well-known/openid-configuration endpoint.
Mage version
0.9.67
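A sketch of the discovery step requested above, added here as an example and not taken from Mage's code base. The function and variable names are hypothetical, `example.okta.com` is a placeholder, and the discovery documents are constructed sample data. It assumes the configured value is the authorization server's issuer URL: the bare domain for the org server, or the domain plus `/oauth2/<server id>` for a custom one.

```python
import json
from urllib.parse import urlsplit
from urllib.request import urlopen

REQUIRED = ("authorization_endpoint", "token_endpoint", "jwks_uri")
OPTIONAL = ("userinfo_endpoint",)

def http_get_json(url, timeout=10):
    """Default fetcher; pass a stub as `fetch` to run without network access."""
    with urlopen(url, timeout=timeout) as resp:
        return json.load(resp)

def discover_endpoints(issuer, fetch=http_get_json):
    """Resolve the OIDC endpoints for `issuer` from its discovery document."""
    issuer = issuer.rstrip("/")
    if urlsplit(issuer).scheme != "https":
        raise ValueError("issuer must be an https URL")
    meta = fetch(issuer + "/.well-known/openid-configuration")
    # The document must name the issuer we asked about; otherwise a misrouted
    # or tampered response could point logins at another server.
    if meta.get("issuer") != issuer:
        raise ValueError("issuer mismatch in discovery document")
    endpoints = {}
    for key in REQUIRED + OPTIONAL:
        value = meta.get(key)
        if value is None and key in OPTIONAL:
            continue
        if not isinstance(value, str) or urlsplit(value).scheme != "https":
            raise ValueError(f"missing or non-https {key}")
        endpoints[key] = value
    return endpoints

def sample_doc(issuer, base):
    """Build a constructed discovery document (sample data, not real output)."""
    return {"issuer": issuer, "authorization_endpoint": base + "/authorize",
            "token_endpoint": base + "/token", "jwks_uri": base + "/keys",
            "userinfo_endpoint": base + "/userinfo"}

ORG = "https://example.okta.com"     # placeholder domain (assumption)
CUSTOM = ORG + "/oauth2/default"     # placeholder custom authorization server
SAMPLE = {
    ORG + "/.well-known/openid-configuration": sample_doc(ORG, ORG + "/oauth2/v1"),
    CUSTOM + "/.well-known/openid-configuration": sample_doc(CUSTOM, CUSTOM + "/v1"),
}

def sample_fetch(url):
    """Stub fetcher serving the constructed documents above."""
    return SAMPLE[url]
```

Calling `discover_endpoints(ORG, sample_fetch)` and `discover_endpoints(CUSTOM, sample_fetch)` returns the `/oauth2/v1/...` and `/oauth2/default/v1/...` endpoint sets respectively, with no path pattern hardcoded in the caller.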