Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How would LDAP avoid browser round trip #7

Open
DrDaveD opened this issue Jul 29, 2020 · 2 comments
Open

How would LDAP avoid browser round trip #7

DrDaveD opened this issue Jul 29, 2020 · 2 comments

Comments

@DrDaveD
Copy link
Contributor

DrDaveD commented Jul 29, 2020

The document says:

A further challenge is providing Users with initial Access Tokens required for many flows; unless Users are recorded e.g. in an LDAP service trusted by the Authorization Server, a round trip to a browser is required to authenticate the User.

I don't understand how that would work. How would the Authorization Server know who the user is initially without a round trip to the browser?
@hannahshort
Copy link
Contributor

I meant more that an OIDC flow with username/password could be triggered, instead of a Device Code flow. I agree it's not very clear

@DrDaveD
Copy link
Contributor Author

DrDaveD commented Aug 11, 2020

Both OIDC flow and Device flow require round trips to browsers, right? I still don't understand the point you were trying to make. I suggest that you propose here a replacement.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DrDaveD @hannahshort