
We are trying to sign in the user using an OpenID Connect provider, using Code Flow (it works fine with implicit flow). The issue we are experiencing is that our OIDC provider requires the private_key_jwt auth method to be used.

The only option on Identity Platform when we create a custom OpenID Connect provider is Client Secret. I assume we would need to pass a Private Key (as with the Apple Provider) instead of a Client Secret for this to work? Is that even possible with Identity Platform?


igpe

1 Answer


No. In Identity Platform, authentication using OpenID Connect with Apple is not possible with a private key; for that you have to generate a client secret.

The reason why we need to create a client secret (for the Apple provider) is mentioned in the article as:

Apple’s support for OAuth2 has a number of differences compared to all the other social providers. Most providers (Google, Github, Facebook) generate the client_id and client_secret for you. You just need to keep them in a secure place on the server. In the Apple process, you first download a private key, and then generate a client_secret using that private key. The other difference with Apple is that they don’t support using localhost as a redirect. In the end, I initiate the OAuth2 process on the Flutter client; but all the redirects and the token exchange process happen on the server.

In order to generate the client secret, you can follow the steps mentioned in the article.

For more information, you can refer to the answer on how to generate client secrets on the Apple platform.

Divyani Yadav
  • @igpe Posted an answer; is it helpful? – Divyani Yadav Oct 12 '22 at 09:56
  • Divyani Yadav, thank you for the answer. We are not using the Apple provider. We are using a custom OIDC provider with IDP that uses a private key to create a client_assertion (a JWT signed with the private key), which, based on the articles you have provided, is very similar to the secret_key required by the Apple provider. That helped me better understand the issue, but since secret_key is a static value (set when setting up the OIDC provider on IDP) it might not work in the case of our identity provider. – igpe Oct 12 '22 at 12:06