HCL Domino Ideas Portal

Welcome to the #dominoforever Product Ideas Forum! The place where you can submit product ideas and enhancement request. We encourage you to participate by voting on, commenting on, and creating new ideas. All new ideas will be evaluated by HCL Product Management & Engineering teams, and the next steps will be communicated. While not all submitted ideas will be executed upon, community feedback will play a key role in influencing which ideas are and when they will be implemented.

For more information and upcoming events around #dominoforever, please visit our Destination Domino Page

Add a new idea Subscribe
Status Needs Review
Workspace Domino
Categories Security
Created by Guest
Created on Oct 3, 2025

RELATED IDEAS

Add support for OIDC client credentials flow

We have a requirement to support M2M authentication with Domino using the client credentials flow (part of the OIDC spec) from an external OIDC provider. We are using Entra ID as OIDC provider.

Domino needs to support the access token from that flow which does not contain a scope claim (which is currently a requirement in Domino 14.5).

  • Attach files
  • Guest
    Feb 25, 2026

    From What's New in 14.5.1 Early Access 1:

    https://help.hcl-software.com/domino/14.5.1/admin/wn_security_updates_1451.html

    • The OIDC_ALLOW_ACCESS_TOKEN_WITHOUT_SCOPE=1 notes.ini variable can now be set to entirely ignore a missing scope Claim in an access token. Since ignoring missing scope Claims can reduce the security of your environment, we recommend only setting this variable when using a provider that refuses to send the scope Claim, such as Microsoft Entra ID when using the M2M (client credentials) flow.

    Reply
                                    Copyright © 2025 HCLSoftware Limited