#7251 Add fpdc OIDC scopes to dev instance
Closed: Fixed 5 years ago Opened 5 years ago by linkdupont.

I added a new section defining the scopes for the fpdc application. Please add them to the dev instance of the provider.

https://fedoraproject.org/wiki/Infrastructure/Authentication#fpdc.fedoraproject.org


Done.

Let us know when you need staging or prod.

:expressionless:

Thanks @kevin! What do I need to provide to get a client ID and secret?

I just checked them into our private ansible variables... which I suppose only helps if you are using our ansible playbooks to configure things.

Where is the dev instance and how would you like us to get this information there?

I don't know if a dev instance is up and running yet. I think @cverna's plan is to run on openshift. It looks like the RFR is #7257.

I was thinking that since this is using the dev instance the secret could be shared and stored in the GitHub repository so anyone can use it in their development environment.

Please let me know if that's wrong or would not work?

The RFR is for the staging instance which is managed by ansible so having the secrets in ansible is fine for staging.

For the iddev instance, we don't actually generate client IDs by the infra team, but rather use the dynamic registration endpoint.
flask-oidc has a script oidc-register that you can use here.

@cverna: sharing any secrets is a very bad habit to teach, especially when people can register themselves.
In addition, as part of the registration, you register the return URL, which might not be the same for everyone.

Ok yes that works for me.

Then we just need to document how to use oidc-register in the development environment setup.
