Integrating Apache with mod_auth_openidc into Active Directory Federation Services via OIDC #1169
Unanswered
marcel-kondermann
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello everyone,
I'm trying to integrate Active Directory Federation Services wich run on Microsoft Windows Server 2022 via OIDC with Apache ("Server version: Apache/2.4.37 (Red Hat Enterprise Linux))". Unfortunately I did not find any possible Configuration for the mod_auth_openidc module that would enable proper Identification/Authorization with AD FS.
The endpoints AD FS is offering are like this:
issuer " https://myserver/adfs"
authorization_endpoint " https://myserver/adfs/oauth2/authorize/"
token_endpoint " https://myserver/adfs/oauth2/token/"
jwks_uri " https://myserver/adfs/discovery/keys"
access_token_issuer " http://myserver/adfs/services/trust"
userinfo_endpoint " https://myserver/adfs/userinfo"
end_session_endpoint " https://myserver/adfs/oauth2/logout"
device_authorization_endpoint " https://myserver/adfs/oauth2/devicecode"
Any possible constellation of mod_auth_openidc settings that made sense to me failed.
Is there a determined usage of relevant mod_auth_openidc-Parameters (OIDCProviderIssuer, OIDCProviderAuthorizationEndpoint, OIDCProviderJwksUri etc.) that would properly reflect the above AD FS endpoints?
Thanks a lot for your feedback and support in advance!
Best regards, Marcel.
Beta Was this translation helpful? Give feedback.
All reactions