- 3 minutes to read
- Print
- DarkLight
- PDF
How to manage OpenID providers
- 3 minutes to read
- Print
- DarkLight
- PDF
This document provides a step-by-step guide on how to add or remove OpenID providers in senhasegura.
Path to access
- On senhasegura, in the upper-left corner, click the Grid Menu, represented by the nine squares, and select Settings.
- In the side menu, select Authentication > OpenID > Providers.
Add provider
On the OpenID Providers report page, in the top bar, click View actions, represented by the three vertical dots icon, and select New provider.
In the Provider Registration window, on the Main Information tab, fill in the fields below:
- Type: from the drop-down menu, select the type of OpenID provider to be used.
InfoPlease note that each provider will require specific information, so check the provider's settings whenever further information is required.
- Enable: select the status of the OpenID provider at the time of creation. By default, it is always selected as Yes.
- Environment: select the environment that the OpenID provider will be in.
- Client ID: client ID for connection. This ID is provided by the OpenID provider when registering a new application.
- Client secret: select the secret of the OpenID authentication provider. This secret is provided by the OpenID provider when registering a new application.
- Domain or public IP for URL redirection: insert the senhasegura's domain or public IP address. It is used by the OpenID provider to redirect the user back to their application after authentication.
- Redirect URL: specific endpoint in your application to which the OpenID provider will redirect the user after authentication.
- Comments: enter adding additional notes or observations about the configuration.
In the Endpoints configuration section, fill in the fields below:
- OpenID endpoint configuration: insert the endpoint that configures OpenID. It is the base URL provided by the OpenID provider. This URL describes the endpoints required for OpenID interactions. This configuration automates the discovery of endpoints in general.
InfoThis field is only required if the URL fields for the endpoints aren't filled in. The user must fill in at least one of the two available fields:
OpenID endpoint configuration
orURL of the other endpoints
. If the URL of the other endpoints field isn't filled in, the user must fill in theOpenID endpoint configuration
field to ensure that the services are configured correctly.In the URL of other endpoints section, fill in the fields below:
- Authorization endpoint: insert the URL provided by the OpenID provider, used by the application to send authorization requests.
- Token endpoint: insert the URL made available by the OpenID provider, where the application sends requests to exchange the authorization code for an access token.
- Userinfo endpoint: URL made available by the OpenID provider, through which the application can request information on the authenticated user's profile, using the access token.
In the Extra configurations for provider section, fill in the fields below:
- JWK endpoint (mandatory if it is not in the main openid endpoint): endpoint where the application can obtain the OpenID provider's public keys to validate the access token signature. This field is mandatory if these keys aren’t available on the OpenID configuration endpoint.
- Additional issuers (separated by comma): a list of additional issuers that the application accepts. This is useful when the application needs to support multiple OpenID providers.
Click Save.
Update a provider
To update the information of a previously registered provider, follow the steps below:
- On the OpenID Providers report page, locate the provider you want to update.
- In the Action column, click Update provider, represented by the pencil and paper icon.
- The Provider Registration window will open in edit mode.
If the client's secret isn’t changed, the current information will be kept.
- Update the necessary information and click Save.
Show a provider’s details
To view the provider's details, follow the steps below:
- In the Action column, click the three vertical dots icon and select Provider details, represented by the magnifying glass icon.
- The Provider Registration window will open in preview mode.
- In this window, you can view various details of the registered provider, such as the OpenID endpoint configuration, Authorization endpoint, Userinfo endpoint, Redirect URL, Token endpoint, and Comments.
- To view one piece of information at a time, click the eye icon next to the text field for each detail.
- To exit, close the window.
Delete a provider
- In the Action column, click the three vertical dots icon and select Delete provider, represented by the trash can icon.
- In the confirmation modal, click Yes.
- The Provider Inactivated message will confirm the operation.
Do you still have questions? Reach out to the senhasegura Community.