Installation of OpenID connect extension in Shibboleth v3

Darren Boss darren.boss at
Thu Apr 16 15:01:42 EDT 2020

Understood. I likely will not allow registration on the production instance
at all. For the time being I'm working on our dev instance and trying to
make sure I understand how everything works, even for flows which we may
immediately turn off again.

On Thu, Apr 16, 2020 at 1:07 PM Cantor, Scott <cantor.2 at> wrote:

> On 4/16/20, 12:54 PM, "users on behalf of Darren Boss" <
> users-bounces at on behalf of darren.boss at>
> wrote:
> > I've been able to test my setup with an OIDC RP using mod_auth_openidc
> so I know the configuration is working. The
> > /idp/profile/oidc/register still is generating that error which is what
> I'll look at fixing now that I've got a few more tips on
> > what to look at.
> It should have been self-evident to me, but of course...the registration
> flow absolutely has to be opened up to the Unverified RP configuration. It
> makes no sense to enable registration for "recognized RPs", the whole point
> of the flow is to register them so they can be recognized later.
> -- Scott
> --
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at

Darren Boss
Senior Programmer/Analyst
Programmeur-analyste principal
darren.boss at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list