Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

We have some trouble with SSO (OIDC).
We would like to integrate “of the shelf” programs, that support OAuth2, seamlessly in our backend. Those programs are used internally. The user should not notice explicitly, that a particular part of our service is provided by those programs. That’s what I mean with seamless.  So in that regard it should behave as just another backend service we use internally.
We managed to connect those programs to Ory via OAuth2/OIDC. But with OAuth2, whenever a user wants to access a service provided by those programs, an OAuth flow is started, that directs to a consent screen, with a redirect afterwards. That is not what we want. In particular, since we are developing a mobile app in parallel to our web app.
Is that possible via OAuth2 and OIDC? And if so how?
Or do we need to look for a completely different solution to this problem? And how could that look like?
Any hints or pointers welcome!

You can skip the consent screen: <https://changelog.ory.sh/announcements/skip-showing-oauth2-consent-screen-for-1p-apps>