Description
Problem Description
Currently, Coder supports a single OIDC provider for authentication, which limits flexibility in environments where multiple user groups from different organizations need access. This is especially relevant in cases such as company mergers or partnerships, where users belong to different organizations, each with its own OIDC provider.
Desired Solution
Support multiple OIDC providers within a single Coder deployment to enable seamless login for users across different organizations. This will allow administrators to configure and manage multiple OIDC providers for distinct user groups.
Implementation Requirements
Configuration:
- Allow configuring multiple OIDC providers by suffixing environment variables (e.g., `_1`, `_2`) for each provider set:

  ```
  CODER_OIDC_ISSUER_URL_1="https://provider1.com"
  CODER_OIDC_CLIENT_ID_1="client-id-1"
  CODER_OIDC_CLIENT_SECRET_1="secret-1"
  CODER_OIDC_EMAIL_DOMAIN_1="coder.com"
  CODER_OIDC_CODER_ORG_1="coder" # should match an existing org in Coder

  CODER_OIDC_ISSUER_URL_2="https://provider2.com"
  CODER_OIDC_CLIENT_ID_2="client-id-2"
  CODER_OIDC_CLIENT_SECRET_2="secret-2"
  CODER_OIDC_EMAIL_DOMAIN_2="domain2.com"
  CODER_OIDC_CODER_ORG_2="coder-external" # Should match an existing org in Coder
  ```
Login UI:
- Display each configured OIDC provider option on the login page with custom text and icons per provider (e.g., `CODER_OIDC_SIGN_IN_TEXT_1`, `CODER_OIDC_ICON_URL_1`).
Documentation:
- Update documentation to include multi-provider configuration examples and instructions for setting up additional providers.
Related Issues:
- Allow user account to have multiple Authentication methods #15014
- Support Multiple GitHub OAuth Providers #15457
Note
This may also require an org specific login page like https://coder.example.com/organizations/org-1/login
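
The suffixed-variable scheme proposed above, as an added Go example (not Coder's code and not part of the issue): it groups `CODER_OIDC_<FIELD>_<N>` variables by suffix and rejects incomplete sets, non-HTTPS issuers, and two providers claiming the same email domain. `Provider`, `ParseProviders`, `sample` and the three checks are assumptions made here; the issue does not specify validation, and each email domain is treated as a single value.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// Provider is one suffixed variable set (hypothetical type, not Coder's).
type Provider struct{ Issuer, ClientID, Secret, EmailDomain, Org string }

// ParseProviders groups CODER_OIDC_<FIELD>_<N> variables by the numeric suffix N
// and rejects incomplete sets, non-HTTPS issuers and email domains claimed twice.
func ParseProviders(env map[string]string) (map[string]Provider, error) {
	out, domains := map[string]Provider{}, map[string]string{}
	for k := range env {
		n := k[strings.LastIndex(k, "_")+1:]
		_, seen := out[n]
		if seen || !strings.HasPrefix(k, "CODER_OIDC_") || n == "" || strings.Trim(n, "0123456789") != "" {
			continue // already handled, or not a suffixed CODER_OIDC_ variable
		}
		get := func(f string) string { return env["CODER_OIDC_"+f+"_"+n] }
		p := Provider{get("ISSUER_URL"), get("CLIENT_ID"), get("CLIENT_SECRET"), strings.ToLower(get("EMAIL_DOMAIN")), get("CODER_ORG")}
		if p.Issuer == "" || p.ClientID == "" || p.Secret == "" || p.EmailDomain == "" || p.Org == "" {
			return nil, fmt.Errorf("provider %s: incomplete variable set", n)
		}
		if u, err := url.Parse(p.Issuer); err != nil || u.Scheme != "https" || u.Host == "" {
			return nil, fmt.Errorf("provider %s: issuer must be an https URL", n)
		}
		if prev, dup := domains[p.EmailDomain]; dup {
			return nil, fmt.Errorf("providers %s and %s both claim %s", prev, n, p.EmailDomain)
		}
		domains[p.EmailDomain] = n
		out[n] = p
	}
	return out, nil
}

// sample is constructed from the variable names and values shown in the issue.
var sample = map[string]string{
	"CODER_OIDC_ISSUER_URL_1": "https://provider1.com", "CODER_OIDC_CLIENT_ID_1": "client-id-1",
	"CODER_OIDC_CLIENT_SECRET_1": "secret-1", "CODER_OIDC_EMAIL_DOMAIN_1": "coder.com",
	"CODER_OIDC_CODER_ORG_1": "coder", "CODER_OIDC_SIGN_IN_TEXT_1": "Sign in (staff)",
}

func main() {
	ps, err := ParseProviders(sample)
	fmt.Println(len(ps), "provider(s), error:", err)
}
```

Rejecting a shared email domain at startup keeps the mapping from a user's domain to a provider and organization unambiguous.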