-
Notifications
You must be signed in to change notification settings - Fork 272
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FEATURE] Support UserInfo Endpoint for OpenID #2040
Comments
Thank you for filing this request. |
Not sure if this is frowned upon, but here's how Obviously I'm not suggesting a copy-paste but might be worth looking at for a reference. [Edited by @peternied: Removed link to prevent accidental copy/paste error] |
😂 We are faced with the same issue. ID token is really not enough. |
Hello, any update on this? We would love to see this feature implemented |
Thanks for the interest @geckiss we'd welcome a pull request to support this feature. |
Is your feature request related to a problem?
We're currently trying to use OpenID but can't use it for fine grained authorization because Opensearch does not support the UserInfo Endpoint.
What solution would you like?
Support UserInfo Endpoint as defined by OpenID: https://openid.net/specs/openid-connect-core-1_0.html#UserInfo
This is supported by Elasticsearch through xpack: https://www.elastic.co/guide/en/elasticsearch/reference/current/oidc-guide.html
What alternatives have you considered?
I'm currently trying to get around this by using LDAP attributes but allow-listing only some attributes does not seem to work either: #2032
Do you have any additional context?
Add any other context or screenshots about the feature request here.
The text was updated successfully, but these errors were encountered: