New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Sign out idp_client_id per route #4613
Comments
It looks like the authenticate service However it looks like the proxy service does not populate this query parameter when constructing a sign-out redirect URL: Lines 71 to 78 in d6221c0
|
I think there's a more fundamental problem with the authenticate service sign-out flow: if I understand correctly the authenticate service stores only the single most recent Pomerium session token in its As an example, say we have an A route (
|
What happened?
Related to this PR, I used auth0 as idp , and we need to pass different client_id for each route if we want different applications to go to different sign out redirect url . Right now pomerium only get the global idp_client_id and do not get the idp_client_id per route.
What did you expect to happen?
The route idp_client_id config can override the global idp_client_id
What's your config.yaml?
The text was updated successfully, but these errors were encountered: