Stuck in OIDC implicit flow

I am trying to connect via OpenID Connect to another system (Ping).
On their end they do not want to support the implicit flow.
In order to turn that off, I have only selected “Authorisation Code” in my application.

Now if I test my OIDC connection, I get this test URL (replaced some parts):
https://pronto-rtm-base.eu.auth0.com/authorize?client_id=xxx&**response_type=code**&connection=Test&prompt=login&scope=openid%20profile&redirect_uri=https://manage.auth0.com/tester/callback?connection=Test

However, after the redirect it looks like this:
https://client?client_id=xxx&scope=openid%20profile%20email&**response_type=id_token**&redirect_uri=callback&prompt=login&response_mode=form_post&nonce=...&state=

Note that the response_type changed from code to id_token. This triggers the implicit flow on their end, resulting in this error: “unauthorized_client (implicit grant not allowed for this client)”.

Did I miss some config option? Can someone explain why this is happening?

Thanks

We managed to “solve” this by changing the connection type to “Back Channel”.

Hey there @pim.verkerk, thanks a bunch for following up on this with the community and welcome to the community!
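
An added example, not part of the original thread: a Python check that classifies an authorization request by its `response_type` (mapping taken from OpenID Connect Core 1.0, section 3) and flags a flow the upstream provider does not allow, run on the two URLs from the question. The nonce value, the `allowed` set and the function name are constructed assumptions.

```python
from urllib.parse import urlsplit, parse_qs

# response_type combinations and the flow each selects (OpenID Connect Core 1.0, section 3)
FLOWS = {
    frozenset({"code"}): "authorization_code",
    frozenset({"id_token"}): "implicit",
    frozenset({"id_token", "token"}): "implicit",
    frozenset({"code", "id_token"}): "hybrid",
    frozenset({"code", "token"}): "hybrid",
    frozenset({"code", "id_token", "token"}): "hybrid",
}

# The two requests from the question; the nonce value is constructed.
TESTER_URL = ("https://pronto-rtm-base.eu.auth0.com/authorize?client_id=xxx"
              "&response_type=code&connection=Test&prompt=login&scope=openid%20profile"
              "&redirect_uri=https://manage.auth0.com/tester/callback?connection=Test")
UPSTREAM_URL = ("https://client?client_id=xxx&scope=openid%20profile%20email"
                "&response_type=id_token&redirect_uri=callback&prompt=login"
                "&response_mode=form_post&nonce=constructed-nonce&state=")


def classify_authorize_url(url, allowed=frozenset({"authorization_code"})):
    """Return (flow, findings) for an OIDC authorization request URL."""
    params = parse_qs(urlsplit(url).query, keep_blank_values=True)
    values = params.get("response_type", [])
    if len(values) != 1:
        return "invalid", ["response_type must appear exactly once"]
    types = frozenset(values[0].split())
    flow = FLOWS.get(types, "unknown")
    findings = []
    if flow not in allowed:
        findings.append(f"flow '{flow}' is not in the allowed set {sorted(allowed)}")
    if "openid" not in params.get("scope", [""])[0].split():
        findings.append("scope lacks 'openid': not an OIDC request")
    # An ID token returned from the authorization endpoint must be bound to a nonce.
    if "id_token" in types and not params.get("nonce", [""])[0]:
        findings.append("nonce missing although an id_token is requested")
    if not params.get("state", [""])[0]:
        findings.append("state is empty or missing")
    return flow, findings


if __name__ == "__main__":
    for name, url in (("tester", TESTER_URL), ("upstream", UPSTREAM_URL)):
        flow, findings = classify_authorize_url(url)
        print(name, flow, findings)
```

Running the same check on the request that actually reaches the upstream provider, rather than on the tester URL, shows which flow that provider is being asked to perform.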
