boundary icon indicating copy to clipboard operation
boundary copied to clipboard

Published 20 hours ago verified publisher icon hashicorp

unable to configure oidc auth method if issuer doesn't match discovery document issuer.

Open jimlambrt opened this issue 3 years ago • 1 comments
trafficstars

Currently, boundary requires that the issuer used for discovery must match the issuer in the discovery document. This is preventing some users from enabling an OIDC auth method ( this user's discussion post about oracle's provider ) .

We should consider supporting an option to skip the verification comparison of the issuer used for discovery against the issuer from the discovery doc. This would require cap changes and then subsequent boundary configuration changes (db, repo, api, and cli)

jimlambrt avatar Mar 18 '22 20:03 jimlambrt

Thanks for the suggestion, while we don't have a timeline for this improvement this will be added to our product backlog. In the meantime, we will keep this issue open so that it can receive upvotes from the community to inform its backlog priority.

covetocove avatar May 19 '22 00:05 covetocove

this was fixed.

jimlambrt avatar Feb 23 '23 14:02 jimlambrt