Questions tagged [oidc]
3 questions
1 vote, 0 answers
Can ADFS groups be referred to as both DOMAIN\groupname and groupname@DOMAIN?
Does the near-equivalence between DOMAIN\username and username@DOMAIN only hold for users or also for groups? In particular, can ADFS clients that request groups as claims with option Token-Groups - Qualified by Long Domain Name assume that the…

rookie099
0 votes, 0 answers
Is `id_token_signing_alg_values_supported` administrated by Microsoft or the tenant's administrators?
I have created a custom OIDC authorizer for an AWS API Gateway (REST). It currently supports tokens signed using the RS256 algorithm, and will otherwise fail.
The .well-known OIDC endpoint lists the following supported algorithms, so everything is…

Shuzheng
-1 votes, 1 answer
Why does AWS Cognito require a client secret when configuring an external IdP (Azure AD)?
I don't understand why AWS Cognito requires a client secret when configuring an external IdP (e.g. Azure AD).
AFAIK, AWS Cognito merely forwards federated identities to the external IdP for (OIDC) authorization code grant flows, which in turn results…

Shuzheng