IBM Security Verify

 View Only

Using allowed_query_args in IAG to send data to cloud login page

  • 1.  Using allowed_query_args in IAG to send data to cloud login page

    Posted Thu June 08, 2023 10:04 AM

    Hi,

    I am trying to use allowed_query_args to send data to cloud login page of Verify from IBM application gateway. The config yaml of IAG is as below:

      oidc:
        discovery_endpoint: "https://xxxxxx.verify.ibm.com/oidc/endpoint/default/.well-known/openid-configuration"
        client_id: "xxxxxxxxxxxxxxxxxxxxxx"
        client_secret: xxxxxxxxxxxxx
        allowed_query_args:
          - login_hint
          - usertype

    Invocation URL: https://xxxxxx.com/pkmsoidc?iss=default&login_hint=%7B%22realm%22:%22cloudIdentityRealm%22%7D&usertype=premium

    The purpose is to send a user selection in usertype query parameter to cloud login page so that I can customize the cloud login page displayed to the user during runtime. The usertype query parameter is appended to the oauth request but I could not find any documentation on how to retrieve the usertype query parameter on the cloud login page. Let me know if this is possible.

    Thanks.



    ------------------------------
    Imran Aziz
    ------------------------------