OIDC: Introduce stable and static absolute reply-url
See original GitHub issueCurrent Behavior:
Currently, there is the need to add *
to the reply-url, which is not allowed in Azure AD:
Microsoft at their side, referring to https://datatracker.ietf.org/doc/html/rfc6749#section-3.1.2, where it’s also stated.
Proposed Behavior:
Change the reply-url to absolute stable url without fragements, …, in order to fulfill recommended best practices.
Issue Analytics
- State:
- Created 2 years ago
- Reactions:7
- Comments:11 (9 by maintainers)
Top Results From Across the Web
OIDC Redirect URL should be static absolute URL #5733
According to the OAuth 2.0 specification that OIDC is based on the redirect URL should be absolute. Without a constant redirect path it...
Read more >OpenID Connect Core 1.0 incorporating errata set 1
This specification defines the core OpenID Connect functionality: authentication built on top of OAuth 2.0 and the use of Claims to communicate ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@cmenzi @daniel-anova This should be fixed in https://github.com/DependencyTrack/frontend/pull/113
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.