Open DimeOne opened 6 months ago
'oidc_login_scope' => 'openid profile email',
I am redirected to the IDP with the scope set to scope=openid+profile+email
When being redirected to the IDP, the scope is being set to: scope=openid+profile+email+openid - this causes Keycloak to respond with HTTP500.
Remove openid in oidc_login_scope
Only add openid scope if not yet in config
Config
Expected Result
I am redirected to the IDP with the scope set to scope=openid+profile+email
Issue
When being redirected to the IDP, the scope is being set to: scope=openid+profile+email+openid - this causes Keycloak to respond with HTTP500.
Workaround
Remove openid in oidc_login_scope
Resolution
Only add openid scope if not yet in config