From 65dc795cd69f985a1086498f3f42c063360d20fb Mon Sep 17 00:00:00 2001
From: Danijel Simeunovic <danijel.simeunovic@fortedigital.com>
Date: Thu, 30 Apr 2026 15:50:23 +0200
Subject: [PATCH] idp hint

---
 cluster-resources/policies/auth-sidecar-injector.yaml | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/cluster-resources/policies/auth-sidecar-injector.yaml b/cluster-resources/policies/auth-sidecar-injector.yaml
index 76e24a5..b7acd8e 100644
--- a/cluster-resources/policies/auth-sidecar-injector.yaml
+++ b/cluster-resources/policies/auth-sidecar-injector.yaml
@@ -245,6 +245,8 @@ spec:
                 secretKeyRef:
                   name: "{{ request.object.metadata.annotations.\"policies.forteapps.io/auth-oidc-credentials-secret\" || 'auth-oidc' }}"
                   key: "{{ request.object.metadata.annotations.\"policies.forteapps.io/auth-oidc-credentials-secret-key\" || 'client-secret' }}"
+            - name: AUTH_OIDC_IDP_HINT
+              value: "{{ request.object.metadata.annotations.\"policies.forteapps.io/auth-oidc-idp-hint\" || '' }}"
             - name: AUTH_OIDC_BROKER_ALIAS
               value: "{{ request.object.metadata.annotations.\"policies.forteapps.io/auth-oidc-broker-alias\" || '' }}"
             - name: AUTH_OIDC_BROKER_TOKEN_HEADER
@@ -328,6 +330,8 @@ spec:
               value: "{{ request.object.metadata.annotations.\"policies.forteapps.io/auth-public-paths\" || '/healthz' }}"
             - name: AUTH_MCP_SCOPES_SUPPORTED
               value: "{{ request.object.metadata.annotations.\"policies.forteapps.io/auth-mcp-scopes\" || 'profile'  }}"
+            - name: AUTH_MCP_IDP_HINT
+              value: "{{ request.object.metadata.annotations.\"policies.forteapps.io/auth-mcp-idp-hint\" || '' }}"
             resources:
               limits:
                 cpu: 50m