diff --git a/app/(dashboard)/oidc/page.tsx b/app/(dashboard)/oidc/page.tsx
index 4ea8956..578ba3d 100644
--- a/app/(dashboard)/oidc/page.tsx
+++ b/app/(dashboard)/oidc/page.tsx
@@ -33,6 +33,7 @@ function providerToFormValues(provider: OidcConfigProvider): OidcProviderFormVal
client_id: provider.client_id,
client_secret: "",
scopes: provider.scopes.join(","),
+ other_audiences: provider.other_audiences.join(","),
redirect_uri: provider.redirect_uri,
redirect_uri_dynamic: provider.redirect_uri_dynamic,
claim_name: provider.claim_name,
@@ -49,8 +50,8 @@ function trimOrEmpty(value: string) {
return value.trim()
}
-function parseScopes(scopes: string) {
- return scopes
+function parseList(values: string) {
+ return values
.split(",")
.map((item) => item.trim())
.filter(Boolean)
@@ -79,7 +80,7 @@ function validateForm(
const clientId = trimOrEmpty(values.client_id)
const clientSecret = trimOrEmpty(values.client_secret)
const redirectUri = trimOrEmpty(values.redirect_uri)
- const scopes = parseScopes(values.scopes)
+ const scopes = parseList(values.scopes)
if (options.requireProviderId) {
if (!providerId) {
@@ -124,7 +125,8 @@ function buildSavePayload(values: OidcProviderFormValues): SaveOidcConfigPayload
display_name: trimOrEmpty(values.display_name),
config_url: trimOrEmpty(values.config_url),
client_id: trimOrEmpty(values.client_id),
- scopes: parseScopes(values.scopes),
+ scopes: parseList(values.scopes),
+ other_audiences: parseList(values.other_audiences),
redirect_uri: trimOrEmpty(values.redirect_uri),
redirect_uri_dynamic: values.redirect_uri_dynamic,
claim_name: trimOrEmpty(values.claim_name),
@@ -150,7 +152,8 @@ function buildValidatePayload(values: OidcProviderFormValues): ValidateOidcConfi
config_url: trimOrEmpty(values.config_url),
client_id: trimOrEmpty(values.client_id),
client_secret: trimOrEmpty(values.client_secret),
- scopes: parseScopes(values.scopes),
+ scopes: parseList(values.scopes),
+ other_audiences: parseList(values.other_audiences),
redirect_uri: trimOrEmpty(values.redirect_uri),
redirect_uri_dynamic: values.redirect_uri_dynamic,
}
diff --git a/components/oidc/form.tsx b/components/oidc/form.tsx
index 6475250..8adbad5 100644
--- a/components/oidc/form.tsx
+++ b/components/oidc/form.tsx
@@ -244,6 +244,21 @@ export function OidcForm({
{errors.scopes}
+
+ {t("Other Audiences")}
+
+ onChange("other_audiences", event.target.value)}
+ placeholder=""
+ disabled={isReadOnly}
+ />
+
+ {t("Comma-separated audience IDs.")}
+ {errors.other_audiences}
+
+
{t("Use Dynamic Redirect URI")}
diff --git a/types/oidc.ts b/types/oidc.ts
index 9e85d5f..b895a2c 100644
--- a/types/oidc.ts
+++ b/types/oidc.ts
@@ -10,6 +10,7 @@ export interface OidcConfigProvider {
client_id: string
client_secret_configured: boolean
scopes: string[]
+ other_audiences: string[]
redirect_uri: string
redirect_uri_dynamic: boolean
claim_name: string
@@ -34,6 +35,7 @@ export interface SaveOidcConfigPayload {
client_id: string
client_secret?: string
scopes: string[]
+ other_audiences: string[]
redirect_uri: string
redirect_uri_dynamic: boolean
claim_name: string
@@ -63,6 +65,7 @@ export interface ValidateOidcConfigPayload {
client_id: string
client_secret: string
scopes: string[]
+ other_audiences: string[]
redirect_uri: string
redirect_uri_dynamic: boolean
}
@@ -83,6 +86,7 @@ export interface OidcProviderFormValues {
client_id: string
client_secret: string
scopes: string
+ other_audiences: string
redirect_uri: string
redirect_uri_dynamic: boolean
claim_name: string
@@ -104,6 +108,7 @@ export const DEFAULT_OIDC_FORM_VALUES: OidcProviderFormValues = {
client_id: "",
client_secret: "",
scopes: "openid,profile,email",
+ other_audiences: "",
redirect_uri: "",
redirect_uri_dynamic: false,
claim_name: "groups",