OIDC Issuer is Non-Compliant

travis.evers · May 15, 2024, 4:33pm

Overview

When trying to create an OpenID Connect connection, options.issuer error appears.

Cause

The issuer in the discovery document is non-compliant with OIDC standards:

“issuer”: “urn:XXXX:XXX”

Solution

This issuer format is non-compliant with OIDC standards and not supported by Auth0’s validation schema, which is enforced across all environments. More details can be found here.

Issuer Identifier

Verifiable Identifier for an Issuer. An Issuer Identifier is a case-sensitive URL using the https scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components. There is no workaround for this case.

Please check if the Identity Provider offers other authentication options/protocol, as usually, the issuer format is typically used in SAML authentication.

Topic		Replies	Views
Creating an OIDC Connection Fails with "options.issuer is required" Error Knowledge Articles oidc-connection	1	1031	February 23, 2024
Custom OIDC Enterprise Connection Help connections , oidc-enterprise-connection	0	706	February 9, 2024
Auth0 SAML IdP: set the issuer to a URL-based format in the metadata Knowledge Articles metadata , saml2 , idp , issuer , format	1	1738	February 28, 2023
Can the Issuer URL for OIDC Connections Have a Wildcard In the Path? Knowledge Articles	1	631	October 19, 2023
OpenID Connect ID Configuration Knowledge Articles	1	866	January 23, 2024

OIDC Issuer is Non-Compliant

Overview

Cause

Solution

Issuer Identifier

Related topics