MatthewH.10249 (State of Iowa) asked a question.
What are the downsides to changing all custom Authorization Servers to "DYNAMIC" issuer mode? We have some custom Authorization Servers that predate the "DYNAMIC" issuer mode option so they are assigned currently to either to "Custom URL" or "Okta URL". For consistency I was thinking about changing them all to "DYNAMIC" but don't want to introduce any issues for apps using them. Would this be transparent to apps since "DYNAMIC" would allow either URL?
The following Okta documentation references the "DYNAMIC" issuer mode that I'm referring to above.
https://developer.okta.com/docs/reference/api/authorization-servers/*property-details
"After you configure a custom URL domain, all new Custom Authorization Servers use CUSTOM_URL by default. If the Dynamic Issuer Mode feature is enabled, then all new Custom Authorization Servers use DYNAMIC by default. All existing Custom Authorization Servers continue to use the original value until changed using the Admin Console or the API, so that existing integrations with the client and resource server continue to work after the feature is enabled."
Hi, @MatthewH.10249 (State of Iowa)
Thank you for posting on our Community page!
I suggest you leverage the Okta Developer forums for this type of questions and take advantage of their expertise.
https://devforum.okta.com/
I will keep the question open for others to contribute with their experience.
Thank you for reaching out to our Community and have a great day!
--
Join the discussion for the Ask Me Anything online event on May 23, 2024 with Okta Tactical Edge Product Experts