Skip to main content

OIDCAuthIntegration

OIDCAuthIntegration provides a way to store Open ID Connect credentials. This will be used in the admin to provide staff logins for users.

type OIDCAuthIntegration {  enabled: Boolean!  allowRegistration: Boolean!  targetFilter: AuthenticationTargetFilter!  name: String  callbackURL: String!  redirectURL: String  clientID: String  clientSecret: String  authorizationURL: String  tokenURL: String  jwksURI: String  issuer: String}

Fields#

enabled (Boolean!)#

enabled, when true, allows the integration to be enabled.

allowRegistration (Boolean!)#

allowRegistration when true will allow users that have not signed up before with this authentication integration to sign up.

targetFilter (AuthenticationTargetFilter!)#

targetFilter will restrict where the authentication integration should be displayed. If the value of targetFilter is null, then the authentication integration should be displayed in all targets.

name (String)#

name is the label assigned to reference the provider of the OIDC integration, and will be used in situations where the name of the provider needs to be displayed, like the login button.

callbackURL (String!)#

callbackURL is the URL that the user should be redirected to in order to continue the authentication flow with the given integration. This field is not stored, and is instead computed from the Tenant.

redirectURL (String)#

redirectURL is the URL that the user should be redirected to in order to start an authentication flow with the given integration. This field is not stored, and is instead computed from the Tenant.

clientID (String)#

clientID is the Client Identifier as defined in:

https://tools.ietf.org/html/rfc6749#section-2.2

clientSecret (String)#

clientSecret is the Client Secret as defined in:

https://tools.ietf.org/html/rfc6749#section-2.3.1

authorizationURL (String)#

authorizationURL is defined as the authorization_endpoint in:

https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

tokenURL (String)#

tokenURL is defined as the token_endpoint in:

https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

jwksURI (String)#

jwksURI is defined as the jwks_uri in:

https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata

issuer (String)#

issuer is defined as the issuer in:

https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderMetadata