IBM Verify

IBM Verify

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

Using allowed_query_args in IAG to send data to cloud login page

  • 1.  Using allowed_query_args in IAG to send data to cloud login page

    Posted Thu June 08, 2023 10:04 AM

    Hi,

    I am trying to use allowed_query_args to send data to cloud login page of Verify from IBM application gateway. The config yaml of IAG is as below:

      oidc:
        discovery_endpoint: "https://xxxxxx.verify.ibm.com/oidc/endpoint/default/.well-known/openid-configuration"
        client_id: "xxxxxxxxxxxxxxxxxxxxxx"
        client_secret: xxxxxxxxxxxxx
        allowed_query_args:
          - login_hint
          - usertype

    Invocation URL: https://xxxxxx.com/pkmsoidc?iss=default&login_hint=%7B%22realm%22:%22cloudIdentityRealm%22%7D&usertype=premium

    The purpose is to send a user selection in usertype query parameter to cloud login page so that I can customize the cloud login page displayed to the user during runtime. The usertype query parameter is appended to the oauth request but I could not find any documentation on how to retrieve the usertype query parameter on the cloud login page. Let me know if this is possible.

    Thanks.



    ------------------------------
    Imran Aziz
    ------------------------------