Comments (9)
Need to correct that: even if you create multiple apps in the Logto console. There is only one OIDC provider and all the apps rely on it. We will discuss whether this feature should be supported. The solution provided earlier is to prevent any currently unimplemented features from blocking your use of Logto, which does NOT mean this feature request is meaningless. You've mentioned that Immich offers a solution for hybrid apps; would you be willing to provide a link? This could be very helpful during our discussion of requirements or use cases. Thank you very much!
Sorry that I did not make it clear. By an OIDC provider I mean a set of credentials involve 'oidc end point' + 'APP ID' + 'APP secret' + 'redirect uri'. In logto, different APPs obviously have different sets of id + secret, despite that they share an endpoint.
The link to the documentation is here. Please read the 'Mobile Redirect URI' section.
from logto.
A hybrid app is a straightforward solution for your case. But for now, you can create a Logto web app for your web version and a Logto native app for your native app to unblock. Both of these two Logto apps rely on a single identity system.
from logto.
A hybrid app is a straightforward solution for your case. But for now, you can create a Logto web app for your web version and a Logto native app for your native app to unblock. Both of these two Logto apps rely on a single identity system.
I understand that. However, in the Immich example it only allows me to specify a single set of client id & secret while I am a user but not a developer.
from logto.
Try to make it clear: you want to use the immich app, but at the same time, use Logto to manage the user identities for your self-hosted immich app, is that correct? Your statement that "immich allows only one set of client ID and secret" confuses me a bit, could you please elaborate on this? Also, related documents could be helpful.
from logto.
Try to make it clear: you want to use the immich app, but at the same time, use Logto to manage the user identities for your self-hosted immich app, is that correct? Your statement that "immich allows only one set of client ID and secret" confuses me a bit, could you please elaborate on this? Also, related documents could be helpful.
Thanks a lot for your response. I am just using Immich as an example but I believe some other APPs and developers will have the same issue. In the solution you provided above, we will need to create two sets of OIDC credentials (Logto APPs I mean). However, Immich (docs provided above) only takes a single OIDC provider. You cannot specify two oidc providers at the same time.
Please NOTE that I am fully aware that Immich has already provided a solution for this kind of hybrid APP, by using a HTTP redirection link (see the docs). However, I feel that this is an issue that logto as the identity provider should address. Otherwise, it might cause some additional complexity to APP developers and users (what if Immich did not provide such a solution?).
from logto.
Need to correct that: even if you create multiple apps in the Logto console. There is only one OIDC provider and all the apps rely on it.
We will discuss whether this feature should be supported. The solution provided earlier is to prevent any currently unimplemented features from blocking your use of Logto, which does NOT mean this feature request is meaningless.
You've mentioned that Immich offers a solution for hybrid apps; would you be willing to provide a link? This could be very helpful during our discussion of requirements or use cases. Thank you very much!
from logto.
This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
from logto.
This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
from logto.
Close this issue since this is not planned. The universal URL format proposed in this issue violates the OIDC protocol, that's why we are not going to implement this.
For apps that does not accept multiple redirect URIs in the config, developers can manually apply one redirection as the Immich app does to workaround.
from logto.
Related Issues (20)
- bug: UX navigation loading state HOT 1
- feature request: Postgres 16 HOT 6
- feature request: Augment `IdTokenClaims` in LogToClient configuration in order to include custom data HOT 6
- bug: It conflicts with postgis HOT 3
- bug: CloudFlare Captcha in Admin Panel `is not valid JSON` error HOT 2
- how to use logto for grpc apis? HOT 7
- feature request: WebAuthn as passwordless HOT 13
- bug:
- bug: logto in docker compose not working HOT 4
- bug: First access registration issues in private network deployment environment HOT 5
- bug: Inconsistency in Storing MFA Setup Skip Flag between custom_data and logto_config Fields HOT 1
- bug: enterprise connector OIDC Issuer error HOT 5
- feature request: Support parsing 'expires_in' in token response as both number and string HOT 3
- bug: Internal Error SSO Callback HOT 4
- bug: Deployment with nginx reverse proxy HOT 7
- feature request: Signing out user after deletion/suspension from Admin. HOT 3
- oauth2.0 connector: support parse nested userInfo in Profile Map config HOT 1
- bug: Database name is required in URL HOT 3
- feature request: support redis cluster and additional options for cache HOT 1
- bug: ERR_JWT_CLAIM_VALIDATION_FAILED when calling api endpoint HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from logto.