Gaps in Integrations Platform external install flow
Problem Statement
We're trying to use the external install flow described here: https://docs.sentry.io/product/integrations/integration-platform/public-integration/
However, while the flow looks like a standard OAuth2 flow, it does not appear to support passing a `state` query param (and consequently receiving the param back on redirect): https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.1
Support for this param has the security benefits outlined in the spec, but most relevant is that it would allow us to explicitly control where external installs happen. In our case, we'd only want them to happen from within our dashboard.
Typically with other OAuth flows, we pass in a `state` query param to the authorization URL that is actually a signed JWT containing relevant context (the account and other resource IDs of ours that this install is operating on). When the flow is redirected back to us, we can then validate that the flow started from us, and also extract the important context to continue with the next steps.
Without this param, we're not only unable to validate where the install started, but we'd be unable to continue since we'd be missing any context about what to do next, e.g. we wouldn't know which of our accounts wants to install our Sentry integration, and on what resources.
Solution Brainstorm
No response
Product Area
Settings - Integrations
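The `state` mechanism the issue describes, as an added illustration (not Sentry's code and not from the issue author): the installing side mints a signed, expiring token that carries its own account and resource IDs, sends it as `state`, and on the redirect back accepts the callback only if the signature verifies and the token is unexpired. The HMAC key, account IDs and resource IDs below are constructed placeholders.

```python
# Added example: an OAuth2 `state` parameter carried as a signed, expiring token.
# Not Sentry's code. SECRET_KEY and all IDs are constructed for the demo.
import base64
import hashlib
import hmac
import json
import secrets
import time

SECRET_KEY = b"constructed-demo-secret"  # assumption: server-side HMAC key


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def make_state(account_id: str, resource_ids: list, ttl: int = 600, now=None) -> str:
    """Build a compact signed state: base64(payload).base64(HMAC-SHA256)."""
    now = int(time.time()) if now is None else now
    payload = {
        "acct": account_id,          # which of our accounts is installing
        "res": resource_ids,         # which of our resources the install targets
        "nonce": secrets.token_hex(8),  # bind to the user session server-side in practice
        "exp": now + ttl,            # short lifetime limits replay of a captured state
    }
    body = _b64(json.dumps(payload, separators=(",", ":")).encode())
    sig = _b64(hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).digest())
    return f"{body}.{sig}"


def verify_state(state: str, now=None):
    """Return the payload if the state was minted by us and is unexpired, else None."""
    now = int(time.time()) if now is None else now
    try:
        body, sig = state.split(".", 1)
    except ValueError:
        return None  # malformed or missing state: reject the callback
    expected = hmac.new(SECRET_KEY, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(_unb64(sig), expected):
        return None  # forged or tampered state: the flow did not start from us
    payload = json.loads(_unb64(body))
    if payload["exp"] < now:
        return None  # stale install attempt
    return payload
```

In a deployment the nonce would also be recorded and checked as single-use so a captured state cannot complete a second install.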