Content
View differences
Updated by Sajan Gurung about 1 year ago
**As** an administrator
**I want to** have an option to use the first access token returned by the IDP for authentication at OpenProject
**so that** integration can work with IDPs that don't support token exchange.
**Acceptance criteria**
* It is possible for users to choose via UI to not exchange tokens
* when chosen, the access token obtained during login of a user will be used to authenticate requests to OpenProject
**Screenshots**
This is what the corresponding UI looks like in OpenProject:
<img class="op-uc-image op-uc-image_inline" src="/api/v3/attachments/351712/content">
<br>
## \[UPDATE\] Settings changes in user\_oidc app
The implementation of this feature set the minimum user\_oidc app version to `7.1`. Here are the changes in the user\_oidc app settings:
1\. Dropped `token_exchange` and `oidc_provider_token_generation` config settings
2\. New setting to enable token exchange and save login token:
`sudo -u www-data php /var/www/nextcloud/occ config:app:set --value=1 user_oidc store_login_token`
or via webUI
<img class="image_resized op-uc-image op-uc-image_inline" style="width:323px;" src="/api/v3/attachments/382145/content">
**I want to** have an option to use the first access token returned by the IDP for authentication at OpenProject
**so that** integration can work with IDPs that don't support token exchange.
**Acceptance criteria**
* It is possible for users to choose via UI to not exchange tokens
* when chosen, the access token obtained during login of a user will be used to authenticate requests to OpenProject
**Screenshots**
This is what the corresponding UI looks like in OpenProject:
<img class="op-uc-image op-uc-image_inline" src="/api/v3/attachments/351712/content">
<br>
## \[UPDATE\] Settings changes in user\_oidc app
The implementation of this feature set the minimum user\_oidc app version to `7.1`. Here are the changes in the user\_oidc app settings:
1\. Dropped `token_exchange` and `oidc_provider_token_generation` config settings
2\. New setting to enable token exchange and save login token:
`sudo -u www-data php /var/www/nextcloud/occ config:app:set --value=1 user_oidc store_login_token`
or via webUI
<img class="image_resized op-uc-image op-uc-image_inline" style="width:323px;" src="/api/v3/attachments/382145/content">