forked from mystiq/dex
512cb3169e
If you have an oidc connector configured *and* that IDP provides thin tokens (e.g. okta) then the majority of the requested claims come in the getUserInfo call (such as email_verified). So if getUserInfo is configured it should be run before claims are validated. |
||
---|---|---|
.. | ||
authproxy | ||
bitbucketcloud | ||
github | ||
gitlab | ||
keystone | ||
ldap | ||
microsoft | ||
mock | ||
oidc | ||
saml | ||
connector.go |