I’m currently trying to implement OAUTH authentication using the apache module mod-auth-openidc.
I’d like to request two things;
Metadata file - this would allow automatic configuration of endpoints, and as Twitch updates item, it would be simple to keep the metadata file updated - Google’s metadata file is found here ( https://accounts.google.com/.well-known/openid-configuration ) as an example.
Thanks - I’ve very aware of the differences. Does not remove my original request as they both are related to adding an OAUTH 2.0 endpoint. Don’t get hungup on the file name.
OpenID Connect is an authentication layer on top of OAuth2. When exchanging a authorization code at Google’s token endpoint, you get an access token (the access_token parameter) as well as an OpenID Connect ID token (the id_token parameter).
We do not currently support OpenID Connect, nor do we have any plans to.
Thanks @Fugiman for the response - Would it be possible to at least implement the id_token parameter from the token request? Thus, reducing an extra API call, and giving some support to existing authentication solutions.
I would not feel comfortable trying to fake support for OpenID Connect by providing an id_token that may or may not be what existing OpenID Connect integrations expect. If we’re going to try and support this use case, we should do it properly.