Replies: 2 comments 2 replies
-
It doesn't seem that WildApricot is an OpenID Connect provider that would allow users to login, but it is merely an OAuth 2.0 provider. From their webpage https://www.wildapricot.com/features/integrations it also seems that the company providing WildApricot is seriously confused about OAuth 2.0 and OpenID Connect: it falls right into trap described at https://oauth.net/articles/authentication/ by suggesting that you can do SSO with OAuth 2.0 and exposes users to a a wide range of vulnerabilities by doing so. |
Beta Was this translation helpful? Give feedback.
-
Awesome |
Beta Was this translation helpful? Give feedback.
-
My Goal:
An apache server that requires authentication from WildApricot for access.
My configuration:
In the apache access log, when trying to access "/protected"
In the apache error log, when trying to access "/protected"
I've banged my head against this for a while now... I know it should work, but I'm missing something in the config or my understanding of the whole thing . . . .
From a similar thread here, I added:
This just fails differently. There is now no traffic from the web server to WA, and I get the beginnings of the login page, but then an error message in red: " An error has occured. Please try again later. If the problem persists, contact Admin." And there is nothing in the apache logs.
Any ideas what I'm doing wrong?
Thanks,
Scott
Beta Was this translation helpful? Give feedback.
All reactions