OpenID Connect Authentication

OpenID Connect Authentication Flow

The procedure for linking OpenID Connect authentication with the WebPerformer-NX application is as follows

	Setup for Okta	Setup for Azure AD
Single Sign on URL	English：Single Sign on URL Japanese：シングルサインオン URL	English：Redirect URI Japanese：リダイレクト URI

Verify the information required to register an identity provider with an external IdP.
• For Azure AD
1. Application ID (client ID) of the registered application
2. Issuer URL (e.g., [https://login.microsoftonline.com//v2.0])
3. Issue the client secret and obtain the value of the client secret
• For Okta
1. Client ID of the registered application
2. Okta URL (e.g., [https://oktaice.okta.com])
3. Get the secret value of the client secret.
Register an identity provider.
Place a button from the component list as a button for external authentication on the sign-in screen (Sign In ID) of the authentication UI.
Open the properties screen of the button for external authentication placed in step 6, and set the following.
- Select “IdP” from the click event.
- Enter the name of the identity provider registered in step 5 in the “IdP” field.
Save the sign-in screen (Sign In ID) of the authentication UI.

Item

Input

Description

Identity Provider Name

Required

Arbitrary names must be other than single-byte spaces, underscores, and commas.
The maximum number of characters is 32.

Client ID

Required

This is the value of OpenID Connect Authentication Linkage Procedure 4 - 1.

Client Secret

Required　

The value of the OpenID Connect authentication linkage procedure 4 - 2.

Issuer URL

Required

The value of the OpenID Connect authentication linkage procedure 4 - 3.

Attribute Mapping　

Required

Set up a mapping between user attributes and OIDC attributes.

Be sure to map the OIDC attribute mapping to the user attribute [email] to the attribute for which email information is registered.