My site SSO has been broken since the introduction of the
sso provider secrets setting. To fix it, I needed to move my sso secret from the
sso secret setting to the
sso provider secrets setting.
So, as far as I can tell, the
sso secret setting has been replaced by the
sso provider secrets setting with no backward compatibility. Am I right?
If I am, then a UI bug remains: in the
enable sso provider setting, “…requires sso_secret to be set” should be replaced by “…requires sso_provider_secrets to be set”