On Чцв, 14 сне 2023, Russ Long via FreeIPA-users wrote:
Thanks Alexander.
I did associate the IDP with the user account, and allowed that user to use the idp auth type.
That troubleshooting section helped, I was able to find this response after increasing the oidc debug level:
{"error":"unauthorized_client","error_description":"client missing grant type authorization_code"}
I'm unsure if this is something I need to change on the IPA or zitadel side.
On Zitadel side. See https://zitadel.com/docs/guides/solution-scenarios/device-authorization for an example of configuring the OIDC client on Zitadel side. Note that you should add grant for 'Device Code'.