Support OIDC registration prompt#11703
Conversation
Allow the OpenID Connect login endpoint to receive a register flag and carry that intent through the OIDC credentials object. When registration is requested, send prompt=create to the provider instead of the regular forced login prompt. This lets ILIAS initiate the OIDC request itself, preserving state handling while delegating account registration to the identity provider.
|
Hi @mjansenDatabay, hope this is alright to ping you here. This is another OIDC improvement I added. Maybe you can have look too? |
|
Hi @tiran133 , thanks again for your contribution. Even if the change is not big and it also adds a missing impl. detail of the OIDC specification, we just cannot integrate this. Reference for the implementation is the feature request https://docu.ilias.de/go/wiki/wpage_4827_1357 (you need to be logged in). I was not involved in the initial implementation and don't know why the registration was not part of the implementation, but it is how it is. Means: We need a feature request page for this change (see: https://docu.ilias.de/go/wiki/wpage_788_1357) and have to present this in in of the next JF meetings (see: https://docu.ilias.de/go/dcl/5316). Best regards, |
Allow the OpenID Connect login endpoint to receive a register flag and carry that intent through the OIDC credentials object. When registration is requested, send prompt=create to the provider instead of the regular forced login prompt.
This lets ILIAS initiate the OIDC request itself, preserving state handling while delegating account registration to the identity provider.
https://openid.net/specs/openid-connect-prompt-create-1_0.html