From 10b0523b96ac03146c1b99e83136a870f8e89c77 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Wed, 2 Apr 2025 16:41:45 +0530 Subject: [PATCH 1/3] add info about CustomRedirectLogicMicroflow --- .../services/oidc-provider.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md b/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md index 6c434b8e1fc..14df995d461 100644 --- a/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md +++ b/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md @@ -482,6 +482,18 @@ You need to configure the OIDC SSO module in your app which is using the IAM bro 1. Login by entering credentials of the user which you have created earlier on OIDC provider Accounts section. You should be able to login successfully and get into the index.html page +## Using `CustomRedirectLogicMicroflow` Microflow + +Use the constant `CustomRedirectLogicMicroflow` to specify which microflow determines where the user should be directed. This microflow has the following signatures: + + **Input Parameter**: `username` (String) – The username of the user logging in. + +**Return Value**: `Boolean` – Indicates whether the user should be sent to the client application or to the SSO provider application. + +**True**: Direct the user to the client application (their original destination). + +**False**: Direct the user to the SSO provider application. + ## Token Formats for Non-Custom Claims ### Non-Custom Claims in Access Token From 4e5f0442537e0bfea75589ffd5054a9afce37d87 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Mon, 14 Apr 2025 14:56:17 +0530 Subject: [PATCH 2/3] removed the limitation --- .../platform-supported-content/services/oidc-provider.md | 1 - 1 file changed, 1 deletion(-) 
diff --git a/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md b/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md index 14df995d461..e505bd23734 100644 --- a/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md +++ b/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md @@ -100,7 +100,6 @@ The OIDC Provider has the following features and limitations: * The hybrid resource owner password credential is not supported, although the OIDC Provider may contain some (rudimentary) implementation to support it. * The OIDC Provider service ignores "email", "phone" and "profile" scope values (as specified by OIDC specs) when the client includes these in an authentication request. Instead, the OIDC Provider service will include user claims in an ID-token based on a custom microflow, regardless of the scopes in the request. * Front channel and back-channel logout are implemented as alpha features. -* The module does not support `CustomRedirectLogicMicroflow` constant. ### Dependencies From a9b0e1be647566b099e03d69c2e48780a4c60902 Mon Sep 17 00:00:00 2001 From: Karuna-Mendix Date: Tue, 15 Apr 2025 12:37:33 +0530 Subject: [PATCH 3/3] versions update --- .../platform-supported-content/services/oidc-provider.md | 1 + 1 file changed, 1 insertion(+) diff --git a/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md b/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md index e505bd23734..7faf8bc0b32 100644 --- a/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md +++ b/content/en/docs/appstore/use-content/platform-supported-content/services/oidc-provider.md 
@@ -22,6 +22,7 @@ Certain OIDC Provider module versions are compatible with certain versions of St | Mendix Version | OIDC Provider Version | | --- | --- | +| 10.21.01 and above | 4.2.0 and above | | 10.12.10 and above | 4.0.0 and above | | 9.24.18 and above | 3.2.0 and above |
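Review bot: In PATCH 1/3, the new `## Using CustomRedirectLogicMicroflow Microflow` section never says what value the constant takes (for example, a qualified microflow name) or what the module does when the constant is left empty or points to a microflow with a different signature. Since the Boolean decides where a user lands after login, the default behaviour should be stated explicitly. Smaller points in the same hunk: the heading repeats "Microflow", "has the following signatures" should be singular, the `**Input Parameter**` line starts with a stray space, and the `**True**` / `**False**` lines would read better as two bullets nested under `**Return Value**`.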
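Review bot: In PATCH 2/3, deleting the bullet `* The module does not support CustomRedirectLogicMicroflow constant.` outright leaves readers on older module versions with no hint that the constant is unsupported there. If support begins with a particular module release, name that release in the new `CustomRedirectLogicMicroflow` section, or reword the limitation to say which versions it still applies to, instead of dropping it silently. The commit subject "removed the limitation" would also benefit from naming the limitation.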
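Review bot: In PATCH 3/3, the added row `| 10.21.01 and above | 4.2.0 and above |` writes the patch number with a leading zero, which reads oddly next to the existing `10.12.10` and `9.24.18` rows. Please confirm whether `10.21.1` is meant and use the same version format as the rest of the table. The new range also overlaps the `10.12.10 and above` row beneath it, so a reader on 10.21.x cannot tell whether 4.0.0 is still a valid choice. Consider bounding the older row, or adding a sentence that the topmost matching row applies.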