Creating or Editing an OpenID Authentication Shared Resource

OpenID Authentication shared resources can be created or edited using the TIBCO BPM Enterprise Administrator.

Procedure

  1. From the TIBCO BPM Enterprise Administrator, select Shared Resources Manager.
  2. From the list in the left pane, select Open ID Authentication.
  3. Click .
  4. Configure the OpenID Authentication shared resource using the following descriptions.
    Definition
    Property Description
    Name (Required) The unique name of the OpenID Authentication shared resource. The name value is case insensitive.
    Description A description for the OpenID Authentication shared resource.
    Access token URI (Required) The REST OpenID token service URI, which is used to obtain an ID Token for the authenticated user.
    Client ID (Required) The ID that identifies the client at the Identity Provider (IdP). This and the Client Secret (see below) are obtained from the IdP when the client registers an application with the IdP for the purpose of providing authentication for users.
    Client secret (Required) The secret the IdP issued together with the Client ID. It is a credential: the IdP uses it to authenticate this client at the token service, so store it only in this shared resource and re-issue it at the IdP if it is exposed.
    Enabled Select to enable this OpenID Authentication shared resource for Single Sign-On use. Currently, only one OpenID Authentication shared resource can be enabled.
    Note: At any time, only one SSO-related shared resource, either SAML or OpenID, can be enabled.
    URI
    Property Description
    Redirect URI (Required) The URI to which the IdP redirects the user after authenticating the user and generating an ID Token. The IdP normally requires this exact value to be registered for the Client ID; a mismatch causes the IdP to reject the authentication request.
    Authorization URI (Required) The REST OpenID user claims/information service URI, which is used to obtain user profile information.
    JSON web keyset URI (Required) The URI to the JSON Web Key Set (JWKS), which is a JSON data structure that represents a set of public keys used to verify the signature of the JSON Web Token (JWT) ID Token issued by the IdP.
    User key Specifies the claim that is used to identify the user taken from the list of claims that are returned from the IdP (based on the Auth scope).
  5. Click Save.
    Note: It is necessary to restart the BPM Enterprise containers so the OpenID shared resource can be used for authentication.
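What the relying party does with these settings once the Access token URI has returned an ID Token is easiest to see in code. The following Go program is an added example written for this page; it is not TIBCO code and does not describe how BPM Enterprise implements the check internally. It constructs an RSA key pair and a JWKS document to stand in for the IdP (in production the keyset is fetched over HTTPS from the JSON web keyset URI), issues an RS256 ID Token, and validates it the way a relying party must: algorithm pinned, key selected by kid, signature verified, then iss, aud (which must equal the Client ID) and exp checked, and finally the claim named by the User key extracted as the user identity. The issuer `https://idp.example.com`, the Client ID `bpm-client`, the key id `idp-key-1` and the `email` user key are hypothetical values.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"math/big"
	"strings"
	"time"
)

var b64 = base64.RawURLEncoding // JOSE uses base64url without padding

// MakeJWKS publishes an RSA public key as a one-key JWKS document; it stands in for
// whatever the IdP serves at the "JSON web keyset URI" (constructed for this example).
func MakeJWKS(kid string, pub *rsa.PublicKey) []byte {
	e := big.NewInt(int64(pub.E)).Bytes()
	out, _ := json.Marshal(map[string]interface{}{"keys": []map[string]string{
		{"kty": "RSA", "kid": kid, "n": b64.EncodeToString(pub.N.Bytes()), "e": b64.EncodeToString(e)}}})
	return out
}

// SignIDToken issues an RS256-signed ID token; it stands in for the IdP service behind
// the "Access token URI" (constructed for this example).
func SignIDToken(kid string, priv *rsa.PrivateKey, claims map[string]interface{}) (string, error) {
	hdr, _ := json.Marshal(map[string]string{"alg": "RS256", "typ": "JWT", "kid": kid})
	body, _ := json.Marshal(claims)
	input := b64.EncodeToString(hdr) + "." + b64.EncodeToString(body)
	digest := sha256.Sum256([]byte(input))
	sig, err := rsa.SignPKCS1v15(rand.Reader, priv, crypto.SHA256, digest[:])
	if err != nil {
		return "", err
	}
	return input + "." + b64.EncodeToString(sig), nil
}

// segment base64url-decodes one JWT segment and parses it as JSON into v.
func segment(s string, v interface{}) error {
	raw, err := b64.DecodeString(s)
	if err != nil {
		return err
	}
	return json.Unmarshal(raw, v)
}

// VerifyIDToken is the relying-party side: pin alg, pick the JWKS key by kid, verify the RS256
// signature, check iss/aud (aud must equal the Client ID)/exp, and return the "User key" claim.
func VerifyIDToken(token string, jwksDoc []byte, issuer, clientID, userKey string, now time.Time) (string, error) {
	parts := strings.Split(token, ".")
	var keys struct{ Keys []struct{ Kid, N, E string } } // encoding/json matches "keys"/"kid"/"n"/"e" case-insensitively
	if len(parts) != 3 || json.Unmarshal(jwksDoc, &keys) != nil {
		return "", errors.New("malformed token or keyset")
	}
	var hdr struct{ Alg, Kid string }
	if err := segment(parts[0], &hdr); err != nil {
		return "", err
	}
	if hdr.Alg != "RS256" { // allow-list the algorithm; never let the token pick "none" or HS256
		return "", fmt.Errorf("unexpected alg %q", hdr.Alg)
	}
	var pub *rsa.PublicKey
	for _, k := range keys.Keys {
		if n, err := b64.DecodeString(k.N); err == nil && k.Kid == hdr.Kid {
			e, _ := b64.DecodeString(k.E)
			pub = &rsa.PublicKey{N: new(big.Int).SetBytes(n), E: int(new(big.Int).SetBytes(e).Int64())}
		}
	}
	if pub == nil {
		return "", errors.New("no JWKS key matches the token's kid")
	}
	sig, err := b64.DecodeString(parts[2])
	digest := sha256.Sum256([]byte(parts[0] + "." + parts[1]))
	if err != nil || rsa.VerifyPKCS1v15(pub, crypto.SHA256, digest[:], sig) != nil {
		return "", errors.New("signature verification failed")
	}
	var claims map[string]interface{}
	if err := segment(parts[1], &claims); err != nil {
		return "", err
	}
	iss, _ := claims["iss"].(string)
	aud, _ := claims["aud"].(string) // string-valued aud only; OIDC also permits an array
	exp, _ := claims["exp"].(float64) // a missing exp decodes as 0 and is therefore treated as expired
	if iss != issuer || aud != clientID || now.Unix() >= int64(exp) {
		return "", fmt.Errorf("claims rejected: iss=%q aud=%q exp=%v", iss, aud, exp)
	}
	if user, _ := claims[userKey].(string); user != "" {
		return user, nil
	}
	return "", fmt.Errorf("user key claim %q missing", userKey)
}

func main() { // constructed demo: the generated key pair plays the IdP's signing key
	priv, _ := rsa.GenerateKey(rand.Reader, 2048)
	tok, _ := SignIDToken("idp-key-1", priv, map[string]interface{}{"iss": "https://idp.example.com", "aud": "bpm-client", "email": "alice@example.com", "exp": time.Now().Add(time.Minute).Unix()})
	fmt.Println(VerifyIDToken(tok, MakeJWKS("idp-key-1", &priv.PublicKey), "https://idp.example.com", "bpm-client", "email", time.Now()))
}
```

The failure modes map directly onto the fields above: a wrong Client ID surfaces as an aud mismatch, a stale or wrong JSON web keyset URI as a kid that no key matches, and a User key naming a claim the IdP does not return (for the requested scope) as a missing user identity. The alg allow-list matters because a verifier that trusts the token's own alg header can be talked into accepting an unsigned token or into treating the RSA public key as an HMAC secret.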