Introspection when using AuthType auth-openidc

[enolfc]

Hi!

I'm setting up mod_auth_openidc with multiple providers, things work just fine when using AuthType openid-connect.

Now when I try to use AuthType auth-openidc, I'd like that the introspection endpoint is used when the server receives bearer token but I don't know how to make that work for different providers. So I can use:

OIDCOAuthIntrospectionEndpoint https://xxx
OIDCOAuthClientID myclient_id
OIDCOAuthClientSecret mysecret

in the Apache configuration but that of course will only work for one of the providers. Is it possible to configure multiple introspection endpoints?

Thanks!

[zandbelt]

no, that is not possible; it's also counter-intuitive to what OAuth 2.0 is supposed to support (as opposed to OpenID Connect): a resource would typically have Resource Owner .

[enolfc]

Ok, so I understand none of the OIDCOAuth* options are taken from the metadata dir.

Thanks!

[zandbelt]

that's correct: all of the OIDCOAuth* options are for a single statically configured Authorization Server only