Support Forums

Use OpenID Connect for external identity providers

The list of external identity providers is limited to BitBucket, GitLab, GitHub and Google.
As I understand it these integrations worth through OAuth 2.0.

We have a client who would like to identify users on a netlify hosted site using DID.app.
(DID is an Identity provider that focuses on passwordless authentication, disclaimer I am one of the founders there)

At this stage DID is a very small service, obviously not the best candidate for next specific OAuth integration. However we follow the OpenID Connect specification (as I believe the 4 providers you already support do as well)

The OpenID Connect specification includes discovery of all the relevant configuration such as token endpoints. Therefore the only additional information that needs to be specified when setting up on netlify is the url of the provide.

By supporting setting up external identity providers using OpenID Connect, a customer should be able to use any identity provider.

Hi @CrowdHailer, Thank you so much for writing in with this thoughtful reques. I think it would be a great Idea. Note that Identity is built on top of our open source gotrue library. I recommend that you open this request on the gotrue repo, which you can find at https://github.com/netlify/gotrue/issues . There you can engage directly with our devs and have a way to track the request! Thank you.


I opened an issue end of last week. Looking forward to hearing back from your devs.

1 Like

Hi @futuregerald

I opened an issue on the Repo here https://github.com/netlify/gotrue/issues/236
Haven’t heard anything back, I know this is a weird time for everyone but wondered if you might have an update.

1 Like

hey @CrowdHailer, thanks for opening that issue - we don’t have anything to report on that at the moment, and at present i can’t say when we might get to it. We will absolutely update that issue and post where when we do have time and capacity to pick it up, though.

1 Like

I’d love to offer to help. Dunno if the team would be open to a pull request, though I might need some guidance, as have never been a go developer

1 Like

You are absolutely welcome to submit a PR - that’s the best chance of a more immediate timeline, for sure!

1 Like

Just wanted to say I’d really appreciate arbitrary OpenID Connect server support as well! I’m trying to use netlify with a custom OpenID Connect server but realized I’m stuck with just the 3 providers right now.

In the time since this thread was started it looks like there is a fork of the gotrue module with a whole bunch more features than Netlify’s module. I opened a feature request there to add arbitrary OpenID Connect provider support: Support arbitrary OpenID Connect providers for external authentication · Issue #159 · supabase/gotrue · GitHub

Hi @aaronpk,

That is an excellent feature request. Unfortunately, I don’t have an update as to if/when this would become a possibility in the official library, but it can definitely be considered as a great feature to have.