Kpow v90.2 is a minor release featuring improved OpenID Connect SSO support.
Kpow provides a number of integrations for common SSO / Authentication providers.
In release 90.2 we extend support for generic OpenID Connect integration by providing a new
OPENID_ISSUER environment variable.
Kpow validates the issuer presented in the authentication token as a part of the OpenID / OAuth2 SSO handshake process.
The default behaviour for most providers is to present the issuer field as a url that matches the base of your configured authentication uri.
Some providers present the issuer field in a different format, for example as a urn. You now have the option of specifying the expected issuer value like so:
OPENID_ISSUER field is set, Kpow will use the default uri validation.