I am creating an OIDC integration for OIN and I have it working for my Okta tenant. When I configure it so a user can log in from their Okta dashboard, I have the initiate login URL specified, and when it is called, the tenant’s base URL is a query string parameter. Obviously, I need to use the base URL to call the authorize endpoint to get the code, the token, and ultimately the userinfo. When I am making these calls, I will need to use the new tenant’s client ID, secret, etc. Will I need to have this information for each new tenant that I want to connect with?
Yes, that’s correct.
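The per-tenant lookup discussed above, as an added example that is not part of the thread and not Okta's code: the base URL from the initiate login request is normalized and matched against a registry of known tenants before any redirect is built, so an unregistered or malformed base URL never receives a request or a client secret. The `TENANTS` registry, `REDIRECT_URI`, the function names, the dict used as a session, and the `/oauth2/v1/authorize` path (the Okta org authorization server) are assumptions.

```python
import secrets
from urllib.parse import urlencode, urlsplit

# Constructed sample registry: one record per connected tenant, keyed by base URL.
TENANTS = {
    "https://tenant-a.example.com": {"client_id": "client-a", "client_secret": "secret-a"},
    "https://tenant-b.example.com": {"client_id": "client-b", "client_secret": "secret-b"},
}
REDIRECT_URI = "https://app.example.com/oidc/callback"  # assumed callback on our site


def normalize_base_url(raw):
    """Reduce the query-string value to a canonical https origin, or raise ValueError."""
    parts = urlsplit(raw.strip())
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("base URL must be https with a host")
    if parts.username or parts.password or parts.query or parts.fragment:
        raise ValueError("base URL must not carry userinfo, query or fragment")
    if parts.path not in ("", "/"):
        raise ValueError("base URL must not carry a path")
    port = parts.port
    suffix = f":{port}" if port and port != 443 else ""
    return f"https://{parts.hostname}{suffix}"


def begin_login(raw_base_url, session):
    """Handle the initiate login request: return the authorize URL to redirect to."""
    base_url = normalize_base_url(raw_base_url)
    tenant = TENANTS.get(base_url)
    if tenant is None:
        raise LookupError("tenant is not registered with this integration")
    state, nonce = secrets.token_urlsafe(32), secrets.token_urlsafe(32)
    # Bind the pending login to this tenant so the callback uses the same credentials.
    session["oidc"] = {"base_url": base_url, "state": state, "nonce": nonce}
    query = urlencode({"client_id": tenant["client_id"], "response_type": "code",
                       "scope": "openid profile", "redirect_uri": REDIRECT_URI,
                       "state": state, "nonce": nonce})
    return f"{base_url}/oauth2/v1/authorize?{query}"


def tenant_for_callback(session, returned_state):
    """On the redirect back, verify state and return the tenant bound at login start."""
    pending = session.pop("oidc", None)
    if pending is None or not secrets.compare_digest(
            pending["state"].encode(), returned_state.encode()):
        raise PermissionError("state mismatch or no login in progress")
    return pending["base_url"], TENANTS[pending["base_url"]]
```
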
If I am going to then call their authorize endpoint, I need to provide a redirect URI to have them return to my site after they have been validated. Does this mean they will need to add my URI to their list of redirect URIs?