Switch to the OIDC discover protocol for the provider config (!14) · Merge requests · digital blueprint / Relay API Gateway / dbp-relay-auth-bundle

Reiter, Christoph requested to merge oidc-discover into main Oct 12, 2021

The goal is to support every OIDC server that implements the discover protocol (Keycloak for example). This allows us to fetch all the required information at runtime without the user having to keep the settings in sync with the used server. The config and public keys are cached for one hour.

While in theory this works with non-keycloak it isn't tested yet, and we still need keycloak specific settings for the API docs auth because we only support keycloak with our frontend web components which we inject into the openapi docs.

Fixes #3 (closed)

Switch to the OIDC discover protocol for the provider config

Merge request reports