This document explains how to specify the particular configuration of the OpenID parameters settings. Whether you need to enter these, will depend on your IAM selection.
Your own IAM
If you are using your own IAM, and not Haventec IAM, you will need to specify these values. You will need to consult your IAM documentation for these values.
Haventec IAM
If you are using Haventec IAM, most of these fields will be generated for you.
Note: You will need to specify 'Valid domain redirect values' - you must enter your domain here in this format: https://yourdomain/* |
To update the OpenID settings:
- Type: Do not override this setting
- Identity Provider (IdP) Issuer: Haventec Authenticate is the IdP that Issues the IdP JWT, so this is set to the domain that hosts Authenticate. Typically this is https://api.haventec.com or equivalent on other platforms.
-
Client App Login Page: This is the URL of your Application's login page
- Valid domain redirect values: This is the list of URLs that it is valid to redirect back to. Typically, this is your App's domain.
- Valid OpenID redirect URI values: The IdP redirects to the IAM, this whitelists those redirects, to prevent MITM attacks. Typically you should not need to specify this.
Next Step
Related Documents
- Step 3d: Advanced Settings
- Time to Live (TTL) Settings - allows you to control the longevity of the specific tokens generated
- Network Resilience - this feature allows the previously generated authKey to remain valid for a number of retries
Comments
0 comments
Please sign in to leave a comment.