Please upgrade here. These earlier versions are no longer being updated and have security issues.
HackerOne users: Testing against this community violates our program's Terms of Service and will result in your bounty being denied.

OpenID Connect and SSO Callback

I'm trying to set up a page (let's call it with embedded Vanilla comments. The idea is that when a user logs in to they are also logged in to Vanilla via OIDC SSO.

A user can already log in to using OIDC. During the log in process to the auth provider gives all of its SSO targets an SSO token using an HTTPS GET call, e.g. The SSO targets should at this point store the SSO token e.g. to a cookie and later append it and another query parameter (prompt=none) to the authorization url to log in to the application silently without additional user interaction.

Are there any plugins that already implement this flow? I'm currently using the OAuth2 plugin, but it does not seem to support this use case.


Sign In or Register to comment.