You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently the service only responds with a GET response which passes the id_token as a query parameter in the URL. Software we're using only seems to support the POST response mode (reportedly for increased security), where the service winds up POSTING the id_token as a parameter back to the Service Provider.
Not a critical issue as we're only prototyping, not relying heavily on this currently, and have gotten around it by double-hopping the request through Azure AD B2C which accepts the GET method from the GCCollab IDp, and returns back to the SP with a POST response mode.
Thanks!
The text was updated successfully, but these errors were encountered:
Currently the service only responds with a GET response which passes the id_token as a query parameter in the URL. Software we're using only seems to support the POST response mode (reportedly for increased security), where the service winds up POSTING the id_token as a parameter back to the Service Provider.
See details here: https://openid.net/specs/oauth-v2-form-post-response-mode-1_0.html
Not a critical issue as we're only prototyping, not relying heavily on this currently, and have gotten around it by double-hopping the request through Azure AD B2C which accepts the GET method from the GCCollab IDp, and returns back to the SP with a POST response mode.
Thanks!
The text was updated successfully, but these errors were encountered: