Remote validation fails when the introspection endpoint does not return sub claims #598
guillaume-perreal
started this conversation in
General
Replies: 1 comment
-
I don't see why you should not be able to use an OAuth 2.0 RS setup; how does it fail?
-
Hello,
For development purposes, I'm using GitLab as an OP. GitLab provides opaque access tokens and its introspection endpoint does not return any sub-like claim (as allowed by RFC 7662; all claims but "active" are optional), so there is no way to get user info from these two sources alone. This causes mod_auth_openidc to fail to remotely validate GitLab tokens, as described there.
Is anyone aware of a workaround?