-
Notifications
You must be signed in to change notification settings - Fork 368
ID Providers
Please add any providers that you have working with OpenID-Connect-PHP
| Name | new OpenIDConnectClient("... | Other Recources |
|---|---|---|
| https://accounts.google.com | Obtaining credentials | |
| SalesForce | https://login.salesforce.com | Obtaining credentials Getting Started -> Quick Start -> Step Two |
| Authentik | on premise | Tested on version [2024.8.2] (https://goauthentik.io/docs/releases/2024.8) |
This library (without modifications) does not work with Azure AD, although it has been OpenID Certified. This is due to the fact that the provider (discovery) URL given to OpenIDConnectClient is on the https://login.microsoftonline.com/ domain (see: https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-protocols-openid-connect-code), while the token issuer is https://sts.windows.net/ (https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-token-and-claims#idtokens). This does (possibly) not apply to version 2 tokens.
It will work if you change the provider URL between redirecting to the authorize endpoint and the validation of the JWT token. See issue #24.