On Thu, Jan 14, 2016 at 9:48 AM, Stian Thorgersen <sthorger@redhat.com> wrote:

On 13 January 2016 at 22:09, Thomas Raehalme <thomas.raehalme@aitiofinland.com> wrote:
Hi!

Google doesn't accept wildcards in redirect URLs. This means I have to create a separate client for every realm in the Google console.

Any chance we could have a shared redirect URL across realms? Maybe as an option in the federation configuration? Then I could share the same Google config for each tenant.
-1 The client in Google should be per-realm as otherwise you're also sharing the config in Google (logo, contact email, etc) and also consent. Also, all logic here is per-realm so it would be a fair bit of special code to be able to support this.

I understand your points, but in a SaaS application with a realm per tenant, it would simplify operations a great deal. You'd probably be sharing the config in Google anyways.

For example, themes are also shared across realms so would it really be such a big problem considering the advantages?

Best regards,

Thomas