https://www.ory.sh/ logo
Join Slack
Powered by
Hi Everyone, Is it possible to get either an autom...
# talk-kratos
b
Hi Everyone, Is it possible to get either an automatic email <-> idp lookup or an api call to fetch a list of the oidc op configured ? Thanks !
My goal is to have an initial email form and my backend will determine the IDP associated based on the domain part of the email.
From my research and tests: I tried creating a native login flow and update it with as an oidc flow.
Copy code
result, res, err := ory.FrontendApi.UpdateLoginFlow(oryAuthedContext).Flow(flow.Id).
		UpdateLoginFlowBody(
			oryclient.UpdateLoginFlowWithOidcMethodAsUpdateLoginFlowBody(
				oryclient.NewUpdateLoginFlowWithOidcMethod("oidc", "google"),
			),
		).Execute()
but it gives me 422: Unprocessable Entity
l
That’s expected. The response data should have a 
redirect_browser_to
value
b
What do you mean exactly ? Is an 
UpstreamParemeters
?
Do you know a sample code I can refer to ?
l
You have to redirect the user to the 
redirect_browser_to
value (which is a url) to continue the OIDC flow.
b
is this field in the initial flow ? because the error occurs during the flow update. I don't want my user to see all my identity providers
l
422
is actually considered a success in this context. It is just how Ory chose to signal that you need to redirect the user. See https://www.ory.sh/docs/reference/api#tag/frontend/operation/updateLoginFlow for more details.
b
ah ok 😄 I read the body and see thanks Brandon
Great it works
Below are the google workspace scopes:
but the redirect gives me this: (the page says the scope email is forbidden
Are we missing something ? 😛
The redirect url asks for : 
scope=openid+email+profile
Open in Slack
PreviousNext
Powered by