Hello, we're integrating Kratos with a third party generic OAuth2 provider, however, said provider doesn't implement OpenID. Is there a way to still use it? Looking at kratos' source code, I can see that it uses a library for OpenID which tries to query

.well-known/openid-configuration

which fails in our use case (because it returns 404).

Hi @wooden-knife-21216 if the third party provider implements OAuth2.0 then i think there is a way to add the provider to Kratos. But it will require som code

I'm listening 😄

I believe there is an example of this for the gitlab provider and requires some manual http requests to get the claims since it isn't an OpenID compatible provider. https://github.com/ory/kratos/blob/47799098b35ea1cf5a1163f57d872a5bb2242d97/selfservice/strategy/oidc/provider_gitlab.go#L1-L105

would this require our company forking Kratos and using our fork instead?

then yes, you would need to fork it and run the fork.

right, I see

the other option is to get the third party provider to be openID compatible 🙂

yup, was about to ask

well openID is just a small layer on top of OAuth2.0, but how much work that would be, would be dependent on the third party's current implementation. it might be profitable to look into using Ory Hydra for that instead if it would take too long to change the implementation to make it openID compatible. but that's up to the third party i guess 🙂

right, I see, thanks

OpenID connect