Hello,

I have implemented delegated authentication to Azure Active Directory as 
detailed in 
https://apereo.github.io/cas/5.3.x/integration/Delegate-Authentication.html

If I configure the responseType "code" (or none at all - "code" is the 
default), then everything works perfectly. However, when I configure 
"id_token" like this:

cas.authn.pac4j.oidc[0].responseType=id_token
cas.authn.pac4j.oidc[0].useNonce=true

then the series of redirects within CAS after successful authentication to 
Azure breaks at one point, where the following Redirect-URI is generated by 
CAS:

https://mydomain.com/cas/login?null=&client_name=My_Azure_ClientName

In place of "null" there should actually be this parameter:

id_token=eyJ0eXAiOiJKV....

If I put this parameter into the URI manually, then the redirection flow 
succeeds and CAS authenticates as expected. Also, if I use the "code" 
responseType, then in place of that "null" there is the expected 
"code=0.ATAAHe5MXM..." parameter in the URI.

Is this a bug in CAS or did I perhaps forget to configure something?

Kind regards,

Ulrich

To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/51df5eda-5906-4ade-8092-ad59b0723ef9n%40apereo.org.
