OIDC. registration instructions
Cath Messner
cathm8009 at gmail.com
Wed Dec 23 21:42:11 UTC 2020
I'm trying to unpack my understanding of the following link/text on OIDC
below.
Would adding 'OIDC.Registration' under 'UnverifiedRelyingParty' - enable
all OIDC services to leverage our IDP for authentication?
https://github.com/CSCfi/shibboleth-idp-oidc-extension/wiki/DynamicClientRegistration
"
The *OIDC.Registration* profile configuration bean enables support for
the OpenID
Connect Dynamic Client Registration 1.0
<https://openid.net/specs/openid-connect-registration-1_0.html>. Currently
the clients (relying parties) cannot be authenticated during the protocol
sequence, so the only way to exploit this profile is through
*shibboleth.UnverifiedRelyingParty*, see RelyingPartyConfiguration
<https://wiki.shibboleth.net/confluence/display/IDP30/RelyingPartyConfiguration>
."
<bean id="shibboleth.UnverifiedRelyingParty" parent="RelyingParty">
<property name="profileConfigurations">
<list>
...
<bean parent="OIDC.Registration" />
...
</list>
</property>
</bean>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20201223/23ec7042/attachment.htm>
More information about the users
mailing list