OIDC extension and ClearAttributeReleaseConsent
Darren Boss
darren.boss at computecanada.ca
Wed Aug 19 12:52:28 UTC 2020
I'm running Shibboleth IdP version 4.0.1 deployed as a container using
the most recent build (shib-idp:4.0.1_20200717) as a base to which I
add the 2.0.0 OIDC extension via Docker build.
I don't have all that many OIDC clients yet and most are applications
developed in house. I just setup Harbor which is an open source
container registry with OIDC as they don't support SAML. I'm getting
the attribute consent release on every authentication and seeing
|harbor|ClearAttributeReleaseConsent|myuid||||
in the logs.
I double checked all the other registered OIDC clients and none of
them exhibit this behavior and a few of them have the same scopes or
even an additional scope configured and behave normally.
Any thoughts on what I should check? Since this is an internal
deployment, I will likely bypass the consent ui for this client but
I'd like to figure out why this is occurring before doing so.
--
Darren Boss
Senior Programmer/Analyst
Programmeur-analyste principal
darren.boss at computecanada.ca
More information about the users
mailing list