Trying to authenticate Incus through Zitadel for my SPA.
Zitadel
Application Type: User Agent
Response Types: Code
Authentication Method: None
Grant Types: Authorization Code, Refresh Token
Auth Token Type: JWT
+User Info inside ID Token
Redirect URIs: incus.domain/oidc/callback
Incus
oidc.issuer → “issuer” value from zitadel.domain/.well-known/openid-configuration
When I call zitadel.domain/oauth/v2/authorize?client_id=XYZ&redirect_uri=incus.domain/oidc/callback&scope=openid&response_type=code it redirects me to incus.domain/oidc/callback, but the endpoint just returns:
failed to get state: http: named cookie not present
Ok, I think I get it. The cookies are set in the incus.domain/oidc/login endpoint and it gets me redirected to the OIDC provider. I don’t have to trigger the auth endpoint manually.
Will this “login” endpoint be available in the future? I read somewhere that you don’t plan to have your own “Incus UI”.
Yeah, we’re going to keep the /oidc/login, /oidc/logout and /oidc/callback endpoints. login and logout are typically called/redirected-to by whatever Incus web UI is installed on the system (we expect our web UIs to be static HTML/JS/CSS so they’ll just use the existing endpoints for OIDC).
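The state-cookie behaviour discussed in this thread, as an added Go example that is not part of the original posts and is not Incus code: a login handler sets a random state cookie before redirecting to the provider, and the callback refuses any response that arrives without it. The cookie name `oidc_state`, the handler names, the 401 status and the abridged authorize URL (no `redirect_uri`) are assumptions for illustration.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"fmt"
	"net/http"
	"net/http/httptest"
)

const stateCookie = "oidc_state" // hypothetical name, not taken from Incus

// login stores a random state in a cookie and sends the same value to the provider (abridged URL).
func login(w http.ResponseWriter, r *http.Request) {
	b := make([]byte, 16)
	rand.Read(b)
	state := hex.EncodeToString(b)
	http.SetCookie(w, &http.Cookie{Name: stateCookie, Value: state, Path: "/oidc", HttpOnly: true, Secure: true, SameSite: http.SameSiteLaxMode})
	http.Redirect(w, r, "https://zitadel.domain/oauth/v2/authorize?client_id=XYZ&response_type=code&scope=openid&state="+state, http.StatusFound)
}

// callback accepts a code only when the state parameter matches the login cookie.
func callback(w http.ResponseWriter, r *http.Request) {
	c, err := r.Cookie(stateCookie)
	if err != nil { // browser never went through login; status code is illustrative
		http.Error(w, "failed to get state: "+err.Error(), http.StatusUnauthorized)
		return
	}
	if c.Value != r.URL.Query().Get("state") {
		http.Error(w, "state mismatch", http.StatusUnauthorized)
		return
	}
	fmt.Fprint(w, "state ok")
}

// flow calls callback directly, or after login, and returns status and body.
func flow(viaLogin bool) (int, string) {
	req := httptest.NewRequest("GET", "/oidc/callback?code=abc", nil)
	if viaLogin {
		lw := httptest.NewRecorder()
		login(lw, httptest.NewRequest("GET", "/oidc/login", nil))
		ck := lw.Result().Cookies()[0]
		req = httptest.NewRequest("GET", "/oidc/callback?code=abc&state="+ck.Value, nil)
		req.AddCookie(ck)
	}
	w := httptest.NewRecorder()
	callback(w, req)
	return w.Code, w.Body.String()
}
func main() { fmt.Println(flow(false)); fmt.Println(flow(true)) }
```

Binding the `state` parameter to a cookie set at login is what lets the callback reject authorization responses the browser did not itself request, which is why calling the authorize endpoint by hand fails.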