ory Forward OIDC error parameters: In our SSO setup we initiate the login from our Web App, redirect the user to the OIDC login page, then the user gets sent back to subdomin.projects.oryapis.com, and then back to our Web App. Web App (company.com) -> OIDC login page (oidc.customer.com) -> Ory (company.projects.oryapis.com) -> Web App (company.com) There was an invalid setup but it was hard for us to debug what the error was, as the error was not forwarded to our Web App. The OIDC login page redirected to Ory with the following URL parameters:

&error=invalid_scope&error_description=Custom+scopes+are+not+allowed+for+this+request.

These parameters explain super easily what the issue was, but they are omitted when redirecting to our Web App… Is there a reason these parameters are missing and can these be added to the redirect to the app, so we can more easily investigate and debug SSO issues? Thanks for your insights on this 👌

Could you open an issue in ory/network for this? With as much context as possible (parameters included etc)?

@high-optician-2097 unfortunately not … The issue might be due to the fact that we are building a custom sign-in UI on our Web App: https://github.com/ory/network/issues/325

thank you! we’ll add it to the backlog