Hello, Is it possible to set up our own OIDC to authenticate in GoodData and also use GoodData managed users? The idea is to have top level users managed by GoodData, client users managed by our own identity provider with OIDC and have SSO for the embedded version (or maybe for the embedded to have API token)

Hi Goran, This is not possible just yet. But we are preparing the possibility to have multiple OIDC providers per organizations (estimate is to deliver it in April). Then it could be possible. However the option with the API tokens should be already possible - you can add users without authenticationId parameter, set their permission and have the application generate API tokens for them.

Hi Boris, thanks for the reply. For the API token it is no problem. Currently we have to decide if we are going to use OICD or create the users in gooddata (currently not available since we haven't decided if we want to do it in GoodData or with our own OICD identity provider). I was wondering if we decide to create them directly in gooddata (via invite user and so on), can we still use identity providers ?

Hi Goran, to use the GoodData auth0 OIDC provider with the invite button uses extra implementation layer on our side (which calls auth0 APIs and GD APIs to create the user). Currently you need to turn this extra layer off to use your own OIDC provder, and I believe this won't change anytime soon.

AFAIK we are going to release OIDC provider per workspace, not per organization. We already support "per organization".