When authenticating with GoogleApps, the process works correctly for user@example.com logins, but fails for user@subdomain.example.com logins. My ‘Hosted Domain’ setting is example.com. The error message received is “The response from the external identity provider contained an error: Incorrect Hosted Domain value. This server is setup to accept users from a specific hosted domain only”. I am pretty sure it is because subdomain.example.com != example.com. Are wildcards necessary (*.example.com)? Or are multiple entries accepted (example.com, subdomain.example.com)?
Thank you for reaching out, and welcome to the Octopus Deploy community!
I’m sorry you are having trouble connecting your Google Apps domain/subdomain to your Octopus Deploy instance, but I would be happy to help take a closer look at things here.
As an initial step, I did some digging to see what I could find in terms of functionality in this area, and based on this UserVoice feature request, it doesn’t look like our Google Apps OIDC connector currently allows for multiple and/or wildcard entries for the the Hosted Domain entry on the Octopus Deploy side of things:
We’ve recently moved to a new platform for user ideas, roadmap.octopus.com, and I know we are already looking at adding some functionality to our existing OIDC connectors in the future, so if you’d like, you can also mention this as a potential improvement here as well (via the Submit Idea button on this page).
I’m sorry I don’t have better news here, but I hope this information helps shed some light on the limitation you’ve run into in using the Octopus Deploy Google Apps OIDC connector, and let me know if I can be of any more assistance.