Hi guys,
I am having an issue when setting up oidc with our Azure AD backend. I want to use preferred_username
as the default username since this is only field which is unique (email and name are recycled and reusable)
preferred_username
is returned by JWT via ‘profile’ scope, but not by the UserInfo endpoint. And because UserInfo appears in the discovery document, the plugin opt to use it instead of JWT, making preferred_username
unavailable for username suggestion.
I have seen another user got similar issue and he needed to patch the code himself (here)
Microsoft actually recommends to use JWT instead of UserInfo.
I think it is sensible to provide it as a configurable option?
Cheers