Configuring single sign-on with OpenID Connect |
SE Suite allows single sign-on via OpenID Connect, giving system administrators possibilities of configuration with various identity provider platforms. See below how to configure authentication via OpenID Connect on the Google platform:
1.To configure user authentication via OpenID Connect, access the Configuration component Authentication menu (CM008), select Authentication options from the side menu and check OpenID Connect. 2.From the side menu, in Authentication services OpenID Connect, add a new configuration. On the screen that will open, enter an ID # for this configuration and, in the field corresponding to login, use the value returned by the identity provider and which will be compared with the SE Suite login field (use the e-mail standard). 3.Fill in the fields referring to the configuration in accordance with your service. Examples using the Google service:
▪Authorization Endpoint URL: Identity provider's authorization URL (https://accounts.google.com/o/oauth2/v2/auth) ▪Token Endpoint URL: Identity provider's URL for obtaining the access token (https://oauth2.googleapis.com/token) ▪Client ID: Application identifier provided by the identity provider ▪Client Secret: Application secret provided by the identity provider ▪User Info URL: URL for obtaining a user's additional information in the identity provider (https://openidconnect.googleapis.com/v1/userinfo) ▪Scopes: Scopes that define the authentication request and which sets of information we want to receive (openid email)
For information on how to manage and register the application on Google, refer to the provider's documentation.
|