We have configured an external IDP and the inbound federation is working fine.
The external IDP has added some groups in a custom scope in their authorization server.
Our app needs to retrieve this info.
Is there any way to pass a custom scope created by the IDP tenant? We tried passing the scope from our Security -> Identity Providers -> Scopes, but it results in an error ‘user cancelled social login request’.
Do you get this error if you log in yourself/via a test user through the IdP? Can you request tokens manually from this IdP with these additional scopes? Is the client configured for use by the IdP in Okta allowed to request this scope?
We are getting this error when we log in using the IDP. On our login page, there is an option to log in using the IDP, where we can give IDP credentials, and thus inbound federation happens.
From the IDP, they are able to send the scope in the request and see the groups through token preview. We have not tested it using Postman.
Regarding the third question: does it mean the IDP that has configured an OIDC client has to do some configuration in their OIDC client app?