You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
Hello,
We use a keycloak as an external oidc.
To manage our ocis, we use python scripts that connect directly to our keycloak with user/password.
We have to configure the keycloak client with access grant enabled and pkce disabled, otherwise our scripts won't be able to connect to keycloak.
The problem is that this is a major vulnerability: A malicious person could make a phising app that calls our keycloak whatever he wants.
Describe the solution you'd like
Will it be possible for ocis to be compatible with an oidc secret client?
In order to be able to create a service account on keycloak
This would enable a more standard interconnection with keycloak.
Describe alternatives you've considered
Additional context
ocis version: 7.0.0
The text was updated successfully, but these errors were encountered:
Is your feature request related to a problem? Please describe.
Hello,
We use a keycloak as an external oidc.
To manage our ocis, we use python scripts that connect directly to our keycloak with user/password.
We have to configure the keycloak client with access grant enabled and pkce disabled, otherwise our scripts won't be able to connect to keycloak.
The problem is that this is a major vulnerability: A malicious person could make a phising app that calls our keycloak whatever he wants.
Describe the solution you'd like
Will it be possible for ocis to be compatible with an oidc secret client?
In order to be able to create a service account on keycloak
This would enable a more standard interconnection with keycloak.
Describe alternatives you've considered
Additional context
ocis version: 7.0.0
The text was updated successfully, but these errors were encountered: