<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Thu, Jan 14, 2016 at 9:48 AM, Stian Thorgersen <span dir="ltr"><<a href="mailto:sthorger@redhat.com" target="_blank">sthorger@redhat.com</a>></span> wrote:<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote"><span class="">On 13 January 2016 at 22:09, Thomas Raehalme <span dir="ltr"><<a href="mailto:thomas.raehalme@aitiofinland.com" target="_blank">thomas.raehalme@aitiofinland.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><p dir="ltr">Hi!</p>
<p dir="ltr">Google doesn't accept wildcards in redirect URLs. This means I have to create a separate client for every realm in the Google console. </p>
<p dir="ltr">Any chance we could have a shared redirect URL across realms? Maybe as an option in the federation configuration? Then I could share the same Google config for each tenant.</p></blockquote></span><div>-1 The client in Google should be per-realm as otherwise you're also sharing the config in Google (logo, contact email, etc) and also consent. Also, all logic here is per-realm so it would be a fair bit of special code to be able to support this.<br></div></div></div></div></blockquote><div><br></div><div>I understand your points, but in a SaaS application with a realm per tenant, it would simplify operations a great deal. You'd probably be sharing the config in Google anyways.</div><div><br></div><div>For example, themes are also shared across realms so would it really be such a big problem considering the advantages? </div><div><br></div><div>Best regards,</div><div>Thomas</div><div></div></div><br>
</div><div class="gmail_extra"><br></div><div class="gmail_extra"><br></div></div>