Cannot select idp.resource.${someId} to create token-exchange policy for Identity Provider #34682
Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
admin/ui
Describe the bug
It is currently not possible to create a token-exchange policy for an Identity Provider to allow external to internal token exchange, because the admi-ui doesn't allow you to select the resource: idp.resource.${someId} and only shows a UUID in the resource field.
Version
26.0.5
Regression
- The issue is a regression
Expected behavior
It should be possible to follow the steps described in the Granting permission for the exchange section of the token-exchange documentation.
Actual behavior
One can only "select" a UUID. Any attempt to select another resource from the list just sets the same UUID in the field.
How to Reproduce?
- Create a dummy OIDC idp
- Goto permissions
- Click token-exchange
- Try to seletc idp.resource.xxxx in the resource field
Anything else?
This effectivly prevents users from creating token-exchange policies for external-to-internal-token exchanges.