Setting up an OIDC Dynamic Provider
To setup a new OIDC dynamic provider with AdminUI you will need to click the Dynamic Authentication
button in the nav bar and then click the "Add" button.
Step 1: Select Type
First you will be presented with a set of options for the type of dynamic provider you will be adding, here you will select OIDC.
OIDC (OpenID Connect)
A provider that uses OIDC.SAML
A provider that uses SAML. Not yet available, will be coming soon.
Note Currently OIDC will already be selected and the only available option, SAML support is planned to be added later.
Step 2: Scheme and display name
Here we setup general information about the dynamic provider, the values you specify are detailed below:
Name | Required | Type | Description |
---|---|---|---|
Scheme |
Yes | Text | String that uniquely identifies this provider |
Display Name |
Yes | Text | Display name used as a user friendly name for the provider |
Step 3: Setup connection
Here is where you define the connection to the external provider, 'Authority' being the location of the provider and the 'Client Id', used to identify this Identity provider with the external identity provider.
Name | Required | Type | Description |
---|---|---|---|
Authority |
Yes | URL | URL of the provider, must begin with https:// |
Client ID |
Yes | Text | ID for the client in the external provider |
OAuth Flow |
Yes | OAuth Flow | Determines the value of the use PKCE option in IdentityServer |
Step 4: Define scopes
Now set scopes used for external provider, by default 'openid' is required but you are able to add more here by entering them in the text box and clicking the add button.
Step 5: Define client secret
Here you can set the secret for the client setup in the external provider, if the external provider does not require a client secret, this can be left blank.
Step 6: Summary
The final step in the creation process is a summary that will allow you to review the settings for the dynamic provider as a whole and then also go back and make changes. There is also the option disable the provider if you do not wish it to be active immediately.