Question
Following the guide "Setting up Sign in with Apple as a Custom OpenID Connect identity provider", I get to the end, I click Save and I get the error:
"The issuer 'https://appleid.apple.com' found at the metadata endpoint {my endpoint} is already in use by an identity provider."
What am I missing? Is the guide still valid?
This question has also been raised as an issue on GitHub.
Answer 1:
This error is shown when you have two custom identity providers whose metadata endpoints have the same issuer.
Please check the metadata document at the well-known endpoints (/.well-known/openid-configuration) for your existing custom identity providers.
Check for the issuer field there. If you already have that issuer on other metadata endpoints, you will get this error.
Azure AD B2C enforces a distinct issuer. The reason is that the unique ID of the user depends on the client ID in that system. If you have two apps in Facebook, Facebook will give you a separate unique user ID for the same user using different apps. So AAD B2C wants the connection to one issuer to be established through only one identity provider.
Update 1: This seems to be a real issue. However, the reasoning will be the same. Will notify engineering.
Update 2: The fix is rolled out for this issue.
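The check described in the answer, as an added example that is not part of the original answer: it groups the metadata documents of your custom identity providers by their `issuer` field and reports any issuer claimed by more than one provider. The provider names and sample documents are constructed, and exact string comparison of issuers is an assumption about how the service matches them.

```python
import json
from collections import defaultdict

# Constructed sample metadata documents, keyed by hypothetical provider names.
# In practice each value is the body returned by that provider's
# /.well-known/openid-configuration endpoint.
SAMPLE_METADATA = {
    "apple-custom-idp": '{"issuer": "https://appleid.apple.com", '
                        '"authorization_endpoint": "https://appleid.apple.com/auth/authorize"}',
    "apple-test-idp": '{"issuer": "https://appleid.apple.com"}',
    "contoso-idp": '{"issuer": "https://login.contoso.example/"}',
    "broken-idp": '{"authorization_endpoint": "https://idp.example/authorize"}',
    "garbled-idp": "<html>not json</html>",
}


def find_issuer_collisions(metadata_by_provider):
    """Return (collisions, problems).

    collisions: {issuer: [provider names]} for issuers claimed by 2+ providers.
    problems:   {provider name: reason} for documents with no usable issuer.
    """
    by_issuer = defaultdict(list)
    problems = {}
    for name, body in sorted(metadata_by_provider.items()):
        try:
            doc = json.loads(body)
        except json.JSONDecodeError:
            problems[name] = "metadata is not valid JSON"
            continue
        issuer = doc.get("issuer") if isinstance(doc, dict) else None
        if not isinstance(issuer, str) or not issuer:
            problems[name] = "no issuer field"
            continue
        # Assumption: issuers are compared as exact strings.
        by_issuer[issuer].append(name)
    collisions = {iss: names for iss, names in by_issuer.items() if len(names) > 1}
    return collisions, problems


if __name__ == "__main__":
    collisions, problems = find_issuer_collisions(SAMPLE_METADATA)
    for issuer, names in collisions.items():
        print(f"issuer {issuer} is used by: {', '.join(names)}")
    for name, reason in problems.items():
        print(f"{name}: {reason}")
```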
Source: https://stackoverflow.com/questions/58971848/sign-in-with-apple-guide-the-metadata-endpoint-is-already-in-use-by-an-identit