Actions
Feature #17037
open[controller] Improve use of given_name/family_name fields for generic OpenID Connect providers
Story points:
-
Release:
Release relationship:
Auto
Description
Current behavior:
- when Google People API is in play, get "given_name" and "family_name" fields from the People API response.
- otherwise, use the "name" field from the ID token returned from access token verification, and split on whitespace.
- before falling back to the "name" field in the ID token, check whether "first_name" and "family_name" are available from the userinfo endpoint, and use them if so.
Additionally, although "given_name", "family_name", and "name" are all standard claims we could make the claim names configurable, in case some providers only offer this info in non-standard claims.
Related issues
Updated by Tom Clegg almost 4 years ago
- Related to Feature #16669: Accept OpenID Connect access token added
Actions