A number of issues with the OIDC identity provider have been discovered recently.
- The logging is insufficient to debug issues with the IdP
- It does not use the NiFi keystore & truststore but rather the JVM default
- There are grammatical and syntactic errors in log and error messages
- It may not process all claims in the IdP response correctly