Adding OIDC Provider

Setting up an OIDC Dynamic Provider

Step 3: Setup connection

Here is where you define the connection to the external provider, 'Authority' being the location of the provider and the 'Client Id', used to identify this provider with the external identity provider.

Name	Required	Type	Description
Authority	Yes	URL	URL of the provider, must begin with https://
Client ID	Yes	Text	ID for the client in the external provider
Callback Path	Yes	OAuth Flow	Path of the ACS endpoint. Only in RSK mode
OAuth Flow	Yes	OAuth Flow	Determines the value of the use PKCE option in IdentityServer

Step 4: Define Scopes

Now set scopes used for external provider, by default 'openid' is required but you are able to add more here by entering them in the text box and clicking the add button.

Step 5: Define Client Secret

Here you can set the secret for the client setup in the external provider, if the external provider does not require a client secret, this can be left blank.

Step 6: Define Sign-In and Sign-Out Schemes (Only in RSK mode)

Here we select the Sign in and Sign out Schemes that will handle authentication:

Name	Required	Type	Description
Sign in Scheme	Yes	Text	Sign in Scheme representing an authentication handler on your IDS code
Different Sign Out Scheme	No	Boolean	Enable entering Sign out Scheme different to the Sign in Scheme
Sign out Scheme	No	Text	Sign out Scheme representing an authentication handler on your IDS code

The interface offers default schemes for IdentityServer and Asp.Identity in the form of radio buttons. These options will automatically populate the Sign in or Sign out Scheme fields. However, you also have the flexibility to manually enter a custom scheme if desired.

Step 7: Summary

The final step in the creation process is a summary that will allow you to review the settings for the dynamic provider as a whole and then also go back and make changes. There is also the option to disable the provider if you do not wish it to be active immediately.