Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-86642

Update IDP registration selection process

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 8.0.0-rc0, 7.0.9, 7.3.2
    • Affects Version/s: None
    • Component/s: None
    • None
    • Server Security
    • Fully Compatible
    • v7.3, v7.0
    • Security 2024-03-04, Security 2024-03-18

      Since IDPConfiguration issuers are no longer guaranteed to be unique, selecting the correct IDPConfiguration registration that should apply to an OIDC authentication attempt is no longer as simple as matching the IDPConfiguration's issuer to the token's issuer claim. The server must now also match the IDPConfiguration's audience to the token's audience claim.

            Assignee:
            erwin.pe@mongodb.com Erwin Pe
            Reporter:
            erwin.pe@mongodb.com Erwin Pe
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: