Installation of OpenID connect extension in Shibboleth v3
Darren Boss
darren.boss at computecanada.ca
Thu Apr 16 15:01:42 EDT 2020
Understood. I likely will not allow registration on the production instance
at all. For the time being I'm working on our dev instance and trying to
make sure I understand how everything works, even for flows which we may
immediately turn off again.
On Thu, Apr 16, 2020 at 1:07 PM Cantor, Scott <cantor.2 at osu.edu> wrote:
> On 4/16/20, 12:54 PM, "users on behalf of Darren Boss" <
> users-bounces at shibboleth.net on behalf of darren.boss at computecanada.ca>
> wrote:
>
> > I've been able to test my setup with an OIDC RP using mod_auth_openidc
> so I know the configuration is working. The
> > /idp/profile/oidc/register still is generating that error which is what
> I'll look at fixing now that I've got a few more tips on
> > what to look at.
>
> It should have been self-evident to me, but of course...the registration
> flow absolutely has to be opened up to the Unverified RP configuration. It
> makes no sense to enable registration for "recognized RPs", the whole point
> of the flow is to register them so they can be recognized later.
>
> -- Scott
>
>
> --
> For Consortium Member technical support, see
> https://wiki.shibboleth.net/confluence/x/coFAAg
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
--
Darren Boss
Senior Programmer/Analyst
Programmeur-analyste principal
darren.boss at computecanada.ca
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20200416/35766c27/attachment.html>
More information about the users
mailing list