OIDC - A Real OpenID Connect support ... again

I know that adding OIDC was discussed multiple times, but was closed with the addition of SAML.
I think adding OpenID Connect is as good as adding SAML, not all IDPs provide SAML not all provide OIDC, the good thing about OIDC compared to OAuth2 is it generalizes the endpoints and most importantly defines the auto discovery of endpoints, keys, etc. In that manner adding OIDC would be as easy as adding SAML. Ie: auth, token, userinfo, keys url or discovery endpoint, scopes, id + secret, all relevant info can then be get at the user endpoint(oidc again specifies the naming convention for email, name, etc…)


We have started using OpenID Connect. We are looking to get OIDC everywhere, and avoid SAML for its design flaws.

It would be great if Zammad supported OIDC. Perhaps it would be adequate to use the openid_connect gem which is even certified by the OpenID Foundation.

Some previous work by others seems to suggest that a reasonable amount of effort would be needed.


This topic was automatically closed after 416 days. New replies are no longer allowed.