Layer7 API Management

 View Only

Proper way to handle OIDC consent

  • 1.  Proper way to handle OIDC consent

    Posted May 30, 2025 05:09 AM

    I have customized our authorize endpoint to bypass consent for specific domains.
    I have worked on other solutions where after accepting the consent this state is kept in the IDP.

    What is the proper way of doing this in the API gateway since there is nothing I can see in the assertion where the consent decisions is persisted against a user id and a device.

    What is the proper way of handling this in Layer7