Identity Provider Integration Settings
Overview
Ory OAuth2 and OpenID Connect is by default configured to work with the Ory Identity Provider. And for most use cases no additional configuration is required. This document will explain how to configure your Ory project to allow for more advanced use cases such as persisting OAuth2 logins through the Ory Identity Provider flows.
It is sometimes necessary to persist an OAuth2 login through a complex Ory Identity flow such as account recovery. The benefit of persisting the OAuth2 login challenge is so that the user does not get stuck on the Ory Identity provider settings page, but instead is redirected back to the original OAuth2 login flow. This allows the user to continue the OAuth2 login flow without having to start over again.
For new projects the Always Return to OAuth2 provider setting is enabled by default. For existing projects you will need to
enable this manually.
Enabling this setting overrides the return_to query parameter and always redirects back to the OAuth2 provider within an OAuth2
login flow. Please ensure that any business logic set by your application is not disrupted by this setting.
- Ory Console
- Ory CLI
In Ory Network we can achieve this by enabling the Enable Override Return To setting in the Ory Console under the
OAuth2 tab -> Identity Integration Settings section.
ory patch ory patch project <your-project-id> \
--replace '/services/identity/oauth2_provider/override_return_to=true'