<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 06:48:22 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[SERVER-82143] Make clientId OIDC IdP configuration field optional</title>
                <link>https://jira.mongodb.org/browse/SERVER-82143</link>
                <project id="10000" key="SERVER">Core Server</project>
                    <description>&lt;p&gt;Today, the&#160;&lt;tt&gt;clientId&lt;/tt&gt; field of the OIDC IdP configuration is mandatory, and the server fails to start if it is not supplied with one for every configured IdP. It is included in the &lt;tt&gt;saslStart&lt;/tt&gt; reply to Drivers running that command with MONGODB-OIDC as the auth mech. However, Drivers only need this field if the token acquisition flow that they run is a human-based flow such as authorization code flow or device authorization grant. Service accounts authenticating with OIDC may not need to register a &lt;tt&gt;clientId&lt;/tt&gt; with the IdP.&lt;/p&gt;

&lt;p&gt;This ticket will introduce a new IdP configuration field called&#160;&lt;tt&gt;supportsHumanFlows&lt;/tt&gt;&#160;that is defaulted to true. When it is toggled to false,&#160;&lt;tt&gt;clientId&lt;/tt&gt; will be optional and the server will not supply that in the &lt;tt&gt;saslStart&lt;/tt&gt; reply to clients authenticating with MONGODB-OIDC.&lt;/p&gt;</description>
                <environment></environment>
        <key id="2472960">SERVER-82143</key>
            <summary>Make clientId OIDC IdP configuration field optional</summary>
                <type id="3" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14718&amp;avatarType=issuetype">Task</type>
                                            <priority id="3" iconUrl="https://jira.mongodb.org/images/icons/priorities/major.svg">Major - P3</priority>
                        <status id="6" iconUrl="https://jira.mongodb.org/images/icons/statuses/closed.png" description="The issue is considered finished, the resolution is correct. Issues which are closed can be reopened.">Closed</status>
                    <statusCategory id="3" key="done" colorName="success"/>
                                    <resolution id="13201">Fixed</resolution>
                                        <assignee username="varun.ravichandran@mongodb.com">Varun Ravichandran</assignee>
                                    <reporter username="varun.ravichandran@mongodb.com">Varun Ravichandran</reporter>
                        <labels>
                            <label>pm-3513</label>
                    </labels>
                <created>Thu, 12 Oct 2023 17:50:39 +0000</created>
                <updated>Wed, 24 Jan 2024 00:38:58 +0000</updated>
                            <resolved>Fri, 10 Nov 2023 16:51:55 +0000</resolved>
                                                    <fixVersion>7.3.0-rc0</fixVersion>
                    <fixVersion>7.2.0-rc2</fixVersion>
                    <fixVersion>7.0.5</fixVersion>
                                                        <votes>0</votes>
                                    <watches>2</watches>
                                                                                                                <comments>
                            <comment id="5942739" author="xgen-internal-githook" created="Tue, 12 Dec 2023 01:53:24 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Varun Ravichandran&apos;, &apos;email&apos;: &apos;varun.ravichandran@mongodb.com&apos;, &apos;username&apos;: &apos;varunravi98&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-82143&quot; title=&quot;Make clientId OIDC IdP configuration field optional&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-82143&quot;&gt;&lt;del&gt;SERVER-82143&lt;/del&gt;&lt;/a&gt;: Allow clientID to be optionally omitted during identity provider configuration&lt;/p&gt;

&lt;p&gt;(cherry picked from commit 7e56544b542be3c2459358f7c358fc6100811229)&lt;/p&gt;

&lt;p&gt;GitOrigin-RevId: 98210882f6115a580901bc6601e50ad991c42168&lt;br/&gt;
Branch: v7.0&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/b397d271622033fbe2d54438873bec0bd667ffa7&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/b397d271622033fbe2d54438873bec0bd667ffa7&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5890665" author="xgen-internal-githook" created="Sun, 19 Nov 2023 04:07:55 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Varun Ravichandran&apos;, &apos;email&apos;: &apos;varun.ravichandran@mongodb.com&apos;, &apos;username&apos;: &apos;varunravi98&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-82143&quot; title=&quot;Make clientId OIDC IdP configuration field optional&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-82143&quot;&gt;&lt;del&gt;SERVER-82143&lt;/del&gt;&lt;/a&gt;: Allow clientID to be optionally omitted during identity provider configuration&lt;br/&gt;
Branch: v7.2&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/0b7c20a5c147e647a66a40c0706078f8b2cf2ef9&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/0b7c20a5c147e647a66a40c0706078f8b2cf2ef9&lt;/a&gt;&lt;/p&gt;</comment>
                            <comment id="5870197" author="xgen-internal-githook" created="Fri, 10 Nov 2023 07:00:07 +0000"  >&lt;p&gt;Author: &lt;/p&gt;
{&apos;name&apos;: &apos;Varun Ravichandran&apos;, &apos;email&apos;: &apos;varun.ravichandran@mongodb.com&apos;, &apos;username&apos;: &apos;varunravi98&apos;}
&lt;p&gt;Message: &lt;a href=&quot;https://jira.mongodb.org/browse/SERVER-82143&quot; title=&quot;Make clientId OIDC IdP configuration field optional&quot; class=&quot;issue-link&quot; data-issue-key=&quot;SERVER-82143&quot;&gt;&lt;del&gt;SERVER-82143&lt;/del&gt;&lt;/a&gt;: Allow clientID to be optionally omitted during identity provider configuration&lt;br/&gt;
Branch: master&lt;br/&gt;
&lt;a href=&quot;https://github.com/mongodb/mongo/commit/7e56544b542be3c2459358f7c358fc6100811229&quot; class=&quot;external-link&quot; target=&quot;_blank&quot; rel=&quot;nofollow noopener&quot;&gt;https://github.com/mongodb/mongo/commit/7e56544b542be3c2459358f7c358fc6100811229&lt;/a&gt;&lt;/p&gt;</comment>
                    </comments>
                <issuelinks>
                            <issuelinktype id="10420">
                    <name>Backports</name>
                                            <outwardlinks description="backported by">
                                                        </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                                                <inwardlinks description="is depended on by">
                                                        </inwardlinks>
                                    </issuelinktype>
                            <issuelinktype id="10320">
                    <name>Documented</name>
                                                                <inwardlinks description="is documented by">
                                        <issuelink>
            <issuekey id="2496928">DOCS-16489</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                <customfield id="customfield_10050" key="com.atlassian.jira.toolkit:comments">
                        <customfieldname># Replies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>3.0</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18555" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname># of Sprints</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1.0</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_12751" key="com.atlassian.jira.plugin.system.customfieldtypes:multiselect">
                        <customfieldname>Assigned Teams</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="25129"><![CDATA[Server Security]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12450" key="com.atlassian.jira.plugin.system.customfieldtypes:multicheckboxes">
                        <customfieldname>Backport Requested</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="26553"><![CDATA[v7.2]]></customfieldvalue>
    <customfieldvalue key="25578"><![CDATA[v7.0]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10011" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Backwards Compatibility</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10038"><![CDATA[Fully Compatible]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_10055" key="com.atlassian.jira.ext.charting:firstresponsedate">
                        <customfieldname>Date of 1st Reply</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>Tue, 7 Nov 2023 15:14:05 +0000</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10052" key="com.atlassian.jira.toolkit:dayslastcommented">
                        <customfieldname>Days since reply</customfieldname>
                        <customfieldvalues>
                                        8 weeks, 2 days ago
    
                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18254" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Dependencies</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_17052" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Downstream Changes Summary</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>This ticket introduces the supportsHumanFlows configuration field to every element in the oidcIdentityProviders setParameter array. supportsHumanFlows is a boolean flag that defaults to true. If it is set to false, then the clientId configuration field is optional for that identity provider. Subsequently, if a driver runs saslStart for MONGODB-OIDC while providing a principal name, the server&amp;#39;s response may not include a clientId if the matched IdP had supportsHumanFlows set to false.&lt;br/&gt;
&lt;br/&gt;
In practice, this is expected to only be used for machine flow/workload IdPs. These clients should never be performing authorization code flow or device authorization grant for token acquisition, so setting supportsHumanFlows to false will allow them to elide clientId entirely when it&amp;#39;s not needed.</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_17050" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Downstream Team Attention</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="16942"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                        <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>PM-3385</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                <customfield id="customfield_10057" key="com.atlassian.jira.toolkit:lastusercommented">
                        <customfieldname>Last comment by Customer</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>true</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10056" key="com.atlassian.jira.toolkit:lastupdaterorcommenter">
                        <customfieldname>Last commenter</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>maria.prinus@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_11151" key="com.atlassian.jira.toolkit:LastCommentDate">
                        <customfieldname>Last public comment date</customfieldname>
                        <customfieldvalues>
                            8 weeks, 2 days ago
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_10051" key="com.atlassian.jira.toolkit:participants">
                        <customfieldname>Participants</customfieldname>
                        <customfieldvalues>
                                        <customfieldvalue>xgen-internal-githook</customfieldvalue>
            <customfieldvalue>varun.ravichandran@mongodb.com</customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_14254" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Product Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i2vtcv:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i1tne7:9</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_23361" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Requested By</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                            <customfield id="customfield_22250" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Special Downgrade Instructions Required</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="23343"><![CDATA[Not Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10557" key="com.pyxis.greenhopper.jira:gh-sprint">
                        <customfieldname>Sprint</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue id="7707">Security 2023-11-13</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                    <customfield id="customfield_17051" key="com.atlassian.jira.plugin.system.customfieldtypes:multicheckboxes">
                        <customfieldname>Teams Impacted</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="16943"><![CDATA[Cloud]]></customfieldvalue>
    <customfieldvalue key="16944"><![CDATA[Docs]]></customfieldvalue>
    <customfieldvalue key="16945"><![CDATA[Drivers]]></customfieldvalue>
    
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_10053" key="com.atlassian.jira.ext.charting:timeinstatus">
                        <customfieldname>Time In Status</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        <customfield id="customfield_22870" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Triagers</customfieldname>
                        <customfieldvalues>
                                

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                    <customfield id="customfield_14350" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>serverRank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>1|i2vfi7:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                    </customfields>
    </item>
</channel>
</rss>