Merge pull request kinde-oss#582 from kinde-oss/Fix/Add-OIDC-refs

clairekinde11 · web-flow · commit 58c83f8716fa · 2025-09-30T13:55:44.000+10:00
Update custom-oauth2-connection.mdx
diff --git a/src/content/docs/authenticate/custom-configurations/custom-oauth2-connection.mdx b/src/content/docs/authenticate/custom-configurations/custom-oauth2-connection.mdx
@@ -7,24 +7,24 @@ relatedArticles:
   - 26e55a64-13dd-4c7b-b9ad-e7595903ddc8
   - 64079be6-be72-4b63-a9d1-4466af4d49be
   - a5225946-27ad-41c0-a3c1-9a6d735e3efb
-description: Step-by-step guide to setting up custom OAuth2 connections including OAuth provider setup, credentials configuration, and Kinde integration.
+description: Step-by-step guide to setting up custom OAuth2 and OIDC connections including OAuth provider setup, credentials configuration, and Kinde integration.
 metadata:
   topics: [authenticate]
   sdk: []
   languages: []
   audience: [developer, integration-engineer]
   complexity: advanced
-  keywords: [custom OAuth2, OAuth provider, client ID, client secret, callback URL, custom connection, identity provider]
-  updated: 2025-09-19
+  keywords: [custom OAuth2, OIDC, OAuth provider, client ID, client secret, callback URL, custom connection, identity provider]
+  updated: 2025-09-30
 featured: false
 deprecated: false
 ---
 
-You can enable users to sign up and sign in using their credentials from any OAuth2-compatible identity provider. To set this up, you need access to your OAuth2 provider's developer console and a little technical know-how. We recommend setting this up in a non-production environment first, to test the connection thoroughly.
+You can enable users to sign up and sign in using their credentials from any OAuth2- and Open ID connection- compatible identity provider. To set this up, you need access to your provider's developer console and a little technical know-how. We recommend setting this up in a non-production environment first, to test the connection thoroughly.
 
-Custom OAuth 2.0 connections allow you to integrate with any OAuth2-compatible identity provider that isn't natively supported by Kinde. This includes custom identity providers, enterprise solutions, or specialized authentication services.
+Custom OAuth 2.0 and Open ID connections allow you to integrate with any compatible identity provider that isn't natively supported by Kinde. This includes custom identity providers, enterprise solutions, or specialized authentication services.
 
-## OAuth 2.0 provider requirements
+## OAuth 2.0 / OIDC provider requirements
 
 Before connecting your custom OAuth2 provider, ensure it supports the OAuth2 authorization code flow and can provide user profile information including email address. The provider must also support HTTPS for all endpoints.
 
@@ -36,9 +36,9 @@ Disclaimer: the following steps are a guide to what needs to happen on the custo
 
 ## Step 1: Get the custom connection credentials
 
-1. Navigate to your OAuth2 provider's developer console or admin panel.
-2. Create a new OAuth2 application or client.
-3. Configure your OAuth2 application settings:
+1. Navigate to your provider's developer console or admin panel.
+2. Create a new application or client.
+3. Configure your application settings:
 
    1. Set the application type to **Web Application** or **Confidential Client**.
    2. Add your **Authorized redirect URIs**. These are your Kinde domain or custom domain callback URLs. For example, `account.customdomain.com/login/callback`. If you don't have this, you can copy it from the Kinde connection and add it later.
@@ -49,11 +49,11 @@ Disclaimer: the following steps are a guide to what needs to happen on the custo
 5. Save your application configuration.
 6. Copy the following information, which is required to set up the Kinde connection:
    
-   - **Authorization URL**: The OAuth2 authorization endpoint URL
-   - **Token URL**: The OAuth2 token endpoint URL
+   - **Authorization URL**: The authorization endpoint URL
+   - **Token URL**: The token endpoint URL
    - **User Info URL**: The endpoint to retrieve user profile information
-   - **Client ID**: Your OAuth2 application's client ID
-   - **Client Secret**: Your OAuth2 application's client secret
+   - **Client ID**: Your IdP application client ID
+   - **Client Secret**: Your IdP application client secret
 
 ## Step 2: Set up the Kinde connection
 
@@ -76,14 +76,14 @@ Disclaimer: the following steps are a guide to what needs to happen on the custo
 9. In the **Callback URL** section:
    1. If you use Kinde's domain as your default, copy the Kinde domain URL.
    2. If you use custom domains, select the **Use custom domain instead** switch.
-   3. If you have only one custom domain, copy the Custom domain URL. If you have custom domains for multiple organizations, select each one from the list and copy the callbacks for each. You need to enter all custom domain callbacks in your OAuth2 app.
+   3. If you have only one custom domain, copy the Custom domain URL. If you have custom domains for multiple organizations, select each one from the list and copy the callbacks for each. You need to enter all custom domain callbacks in your app.
 10. Select which applications to switch this on for. If you are in a prod environment, this makes the connection live.
 11. Select **Save**.
-12. Use the copied Callback URL to finish setting up your OAuth2 app, see below.
+12. Use the copied Callback URL to finish setting up the provider configuration, see below.
 
 ## Step 3: Add the callback URL to your custom connection
 
-1. Navigate to your OAuth2 provider's developer console or admin panel.
+1. Navigate to your provider's developer console or admin panel.
 2. Enter the callback URL you copied from the Kinde configuration window.
 3. Save.
 
@@ -99,9 +99,9 @@ After configuring your custom OAuth2 connection, test it thoroughly in a non-pro
 
 If you encounter issues with your custom OAuth2 connection, here's some things to try.
 
-1. **Verify endpoint URLs**: Ensure all OAuth2 endpoint URLs are correct and accessible
-2. **Check scopes**: Confirm that your OAuth2 provider supports the required scopes
-3. **Validate callback URLs**: Ensure all callback URLs are properly configured in your OAuth2 application
+1. **Verify endpoint URLs**: Ensure all endpoint URLs are correct and accessible
+2. **Check scopes**: Confirm that your provider supports the required scopes
+3. **Validate callback URLs**: Ensure all callback URLs are properly configured in the IdP application
 4. **Review user info response**: Verify that the user info endpoint returns data in the expected format
 
 For additional support, contact Kinde support or refer to your OAuth2 provider's documentation.
