Michael Kelly
Michael Kelly
@xtremerui I've added some changes to your original PR that fix a few problems. See: https://github.com/kellyma2/dex/commit/a4414c271d5510d76ebff696da93f889ca1e6d7a Can you add them to this PR?
Done. https://github.com/kellyma2/dex/commit/19f212fb2846d900d77ce20fa49ea2bc14579afb
We use it for non human, ie: robot, interactions. Not supporting it would force folks to use another provider such as Auth0.
> As far as I can tell, this is basically a convenience feature for issuing JWT tokens as access tokens (but that itself is a problem IMO, more on that...
> If you need a flexible CA to issue credentials automation, you may want to look at HashiCorp Vault. Service-to-service credentials have different lifecycle and issuance requirements than human ones...
fyi,I should point out that I'm not the original PR author. I'm just using the PR in my setup
> Here is the deal though: if you accept any valid token, you accept ID tokens as well (because the way it's implemented in Dex). It's not that difficult to...
fwiw, the use case that @xtremerui described is very congruent with my own internal use case as well.
> Oops Looks like this needs to be resolved in some way?
@sagikazarmark this PR is blocked on the 'oops' comment you added. Any chance you can resolve this and I'll merge it?