Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow configuring consent URL per client #837

Closed
MOZGIII opened this issue May 2, 2018 · 3 comments
Closed

Allow configuring consent URL per client #837

MOZGIII opened this issue May 2, 2018 · 3 comments

Comments

@MOZGIII
Copy link
Contributor

MOZGIII commented May 2, 2018

We need to have very different consent flows based on what client initiated the authentication. It is not possible to configure it currently, so we have to run multiple hydra servers.
Can we add the ability to customize consent URL at client level?
@MOZGIII
Copy link
Contributor Author

MOZGIII commented May 2, 2018
edited
Loading

Found this: #416

That thread has a quite elegant solution: actually implement a single consent app and in it read the consent authorization request, verify it, map the client (we have the clientId at the response from /oauth2/consent/requests/{id}) to the correct consent URL, and redirect the user agent to a client specific consent request page. This is much better than just allowing custom consent URLs from the security standpoint.

@MOZGIII MOZGIII closed this as completed May 2, 2018
@aeneasr
Copy link
Member

aeneasr commented May 2, 2018 via email

@aeneasr
Copy link
Member

aeneasr commented May 2, 2018

Whoops, missed in my emails that you already found a solution and also closed it!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@MOZGIII @aeneasr