I was looking at Auth0’s OpenID Connect configuration interface. When you provide it the /.well-known/openid-configuration discovery endpoint, it expects the payload to contain the response_modes_supported property. The spec (Final: OpenID Connect Discovery 1.0 incorporating errata set 1) says this parameter is optional. I ran into this doing a POC to connect AWS Cognito as an OIDC provider.
Steps to Reproduce:
- From the side menu navigate to: Connections → Enterprise
- Click the “+” next to “OpenID Connect”
- For the issuer enter: https://cognito-idp.us-east-2.amazonaws.com/us-east-2_7jViQuo6W/.well-known/openid-configuration
Expected behavior:
The OIDC endpoints are populated
Actual behavior:
Error message.
I didn’t see a way to manually enter the OIDC details.
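
Added example, not part of the original post and not Auth0's code: a relying-party loader that rejects a discovery document only when metadata marked REQUIRED in OpenID Connect Discovery 1.0 is absent, and fills in the defaults the spec defines for omitted OPTIONAL fields such as response_modes_supported. The function name, the sample document and the idp.example.com URLs are constructed for illustration.

```python
import json

# Metadata that OpenID Connect Discovery 1.0 (section 3) marks REQUIRED.
REQUIRED = (
    "issuer", "authorization_endpoint", "jwks_uri",
    "response_types_supported", "subject_types_supported",
    "id_token_signing_alg_values_supported",
)
# OPTIONAL metadata for which the spec defines a default when omitted.
SPEC_DEFAULTS = {
    "response_modes_supported": ["query", "fragment"],
    "grant_types_supported": ["authorization_code", "implicit"],
}
WELL_KNOWN = "/.well-known/openid-configuration"

def load_provider_metadata(raw_json, discovery_url):
    """Validate a discovery document; hypothetical helper, not a library API."""
    doc = json.loads(raw_json)
    missing = [k for k in REQUIRED if k not in doc]
    # token_endpoint is REQUIRED unless only the implicit flow is used.
    uses_code = any("code" in rt.split()
                    for rt in doc.get("response_types_supported", []))
    if uses_code and "token_endpoint" not in doc:
        missing.append("token_endpoint")
    if missing:
        raise ValueError("missing REQUIRED metadata: " + ", ".join(missing))
    # The issuer must equal the URL prefix the document was fetched from,
    # otherwise one provider could publish metadata claiming to be another.
    if not discovery_url.endswith(WELL_KNOWN):
        raise ValueError("not a discovery URL")
    if doc["issuer"] != discovery_url[: -len(WELL_KNOWN)]:
        raise ValueError("issuer does not match discovery URL")
    # Values present in the document override the spec defaults.
    return {**SPEC_DEFAULTS, **doc}

# Constructed sample: a provider that omits response_modes_supported.
SAMPLE_URL = "https://idp.example.com/pool1" + WELL_KNOWN
SAMPLE_DOC = json.dumps({
    "issuer": "https://idp.example.com/pool1",
    "authorization_endpoint": "https://idp.example.com/pool1/authorize",
    "token_endpoint": "https://idp.example.com/pool1/token",
    "jwks_uri": "https://idp.example.com/pool1/jwks.json",
    "response_types_supported": ["code", "token"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
})

if __name__ == "__main__":
    print(load_provider_metadata(SAMPLE_DOC, SAMPLE_URL)["response_modes_supported"])
```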