Hi Nipuna,

This is because we have secured the .well-known endpoint as a secure resource by default. If you check the identity.xml, you'll see an entry similar to the one below. Setting secured="false" (and restarting the server) should remove security from the endpoint.

<Resource context="(.*)/.well-known(.*)" secured="true" http-method="all"/>

On Mon, Aug 5, 2019 at 4:33 PM Nipuna Prashan <[email protected]> wrote:

> Hi All,
>
> I need to integrate AWS console login with WSO2 IS. I found some videos
> and blogs on how to achieve this using SAML, but I am interested to know
> how the same can be done using OIDC which is supported by AWS.
>
> [image: image.png]
> When configuring an identity provider from AWS console, we need to provide
> the provider URL and the Audience (Client ID). I am trying this with WSO2
> Identity cloud. Therefore I tried the provider URL as
> https://identity.cloud.wso2.com/oauth2/token, but the AWS console printed
> the following error message.
>
> [image: image.png]
>
> Since AWS looks for .well-known/openid-configuration URL, I provided the
> expected link as
> https://identity.cloud.wso2.com/oauth2/oidcdiscovery/.well-known/openid-configuration.
> Still I am getting the same error message.
> I got the 401 error message for a local pack curl URL as well. That
> means, we have to provide basic auth credentials for OpenID Connect
> Discovery.
>
> Sample working curl as per document [1] is
> curl -v -k --user admin:admin https://localhost:9443/oauth2/oidcdiscovery/.well-known/openid-configuration
>
> Is there an alternative way to achieve $subject? Your thoughts would be
> highly appreciated.
>
> [1] https://docs.wso2.com/display/IS570/OpenID+Connect+Discovery
>
> Regards,
> Prashan.
> --
>
> *Nipuna Prashan* | Senior Software Engineer | WSO2 Inc.
> (m) +94711852792 | | (e) [email protected]
> WSO2, Inc.; http://wso2.com
>
> http://wso2.com/signature
>
> _______________________________________________
> Dev mailing list
> [email protected]
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>

--
Omindu Rathnaweera
Associate Technical Lead, WSO2 Inc.
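Added example, not part of the thread and not WSO2 code: a small offline check of which request paths the Resource entry quoted in the reply covers, so the effect of flipping secured="false" can be reviewed before restarting the server. The <ResourceAccessControl> wrapper, the second entry, whole-path regex matching, and treating a missing secured attribute as "true" are assumptions; the sample XML is constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample: only the .well-known entry comes from the thread.
SAMPLE_IDENTITY_XML = """
<ResourceAccessControl>
    <Resource context="(.*)/.well-known(.*)" secured="true" http-method="all"/>
    <Resource context="(.*)/example/private(.*)" secured="true" http-method="all"/>
</ResourceAccessControl>
"""
DISCOVERY_PATH = "/oauth2/oidcdiscovery/.well-known/openid-configuration"
WELL_KNOWN = 'context="(.*)/.well-known(.*)" secured='


def matching_rules(xml_text, path, method="GET"):
    """Return (context, secured) for every Resource entry covering path+method."""
    hits = []
    for res in ET.fromstring(xml_text).iter("Resource"):
        context = res.get("context", "")
        methods = {m.strip() for m in res.get("http-method", "all").lower().split(",")}
        if "all" not in methods and method.lower() not in methods:
            continue
        # Assumption: the context is a regex that must match the whole path.
        if re.fullmatch(context, path):
            # Assumption: a missing "secured" attribute is read as secured.
            hits.append((context, res.get("secured", "true").lower() == "true"))
    return hits


def requires_auth(xml_text, path, method="GET"):
    """Conservative reading: any matching secured entry means auth is required."""
    return any(secured for _, secured in matching_rules(xml_text, path, method))


def with_well_known_unsecured(xml_text):
    """Apply the edit suggested in the reply to the constructed sample."""
    return xml_text.replace(WELL_KNOWN + '"true"', WELL_KNOWN + '"false"')


if __name__ == "__main__":
    edited = with_well_known_unsecured(SAMPLE_IDENTITY_XML)
    print("as shipped :", requires_auth(SAMPLE_IDENTITY_XML, DISCOVERY_PATH))
    print("after edit :", requires_auth(edited, DISCOVERY_PATH))
    # Scope check: the same pattern also covers other .well-known paths.
    for p in ("/t/example.com/.well-known/webfinger", "/oauth2/token"):
        print(p, "->", matching_rules(edited, p))
```

Because the context pattern is (.*)/.well-known(.*), the change applies to every path containing /.well-known, not only the OpenID Connect discovery document, which is worth confirming against the real identity.xml.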
