I’m trying to implement the new OIDC login feature with my rails app as an OP, the OP is implemented using doorkeeper_openid-connect gem, and enforces the discovery feature.
Zammad correctly finds the auth endpoints thanks to the /.well-known/openid-configuration endpoint, but the request is rejected by my OP as it lacks a client_secret parameter.
Is there a way to configure the client-secret in Zammad ?
This sounds like a must-have feature request if it isn’t already in the works. I’m trying to configure okta OIDC auth in Zammad, similar to how we auth WordPress, but I’m not having any luck since I can’t set the keys.
Is there a way now or in the future to set environment variables like in the Example configuration for omniauth_openid_connect?
Like already mentioned by @fliebe92, this is currently not possible. But for sure, this was the first step of the implementation, and the focus was on the easiest way of configuration.
For the first implementation, it makes total sense to go for the easiest way of configuration!
But I also agree with @Mk1DzL, it’s going to be a huge blocker for most OAuth2 providers. Would you be open to a PR if the community want to had support for such configuration?
