@JNICKELL thanks for your message. I’ll do my best to reply to all of its topics.
The Rhino Accounts secure disclaimer lists that it supports OID Connect protocol
I think there is some confusion there. What we meant to say was that Rhino Accounts is itself an Open ID Connect Provider that third parties can use in their plugins/websites to integrate into the Rhino ecosystem (this forum itself uses Rhino Accounts).
When I designed the system, I had a long thought process on what third-party providers would be accepted. For security reasons that are beyond the scope of this post, I deemed it unwise to support any Open ID Connect Provider, since Rhino Accounts places some blind trust on the provider to accomplish certain features, like transparent account creation/synchronization. The reason why we don’t support Okta is simply because you are the very first person to request support for it.
Also the requirement to place a file at an HTT P web address is not very supportable in today’s HTTP S internet.
Believe it or not, we originally had it working with HTTPS, but precisely because our biggest customers didn’t support it, we had to go back and support HTTP. Either way, if your server redirects HTTP to HTTPS (like almost any server does), it will still work in a HTTPS environment. If this method doesn’t work for you, we will happily arrange alternate methods of proving your domain.