...

  1. Create a client with your OpenID Provider.

    1. Note your client_id and client_secret.

    2. If you want to enable asymmetric (public key) Request Object signing and/or ID Token or UserInfo token encryption, register any public digital signature and encryption keys with the OP.

  2. Add your client_id to the property idp.authn.oidc.rp.client.clientId.

  3. Add your client_secret to the property idp.authn.oidc.rp.client.clientSecret.

  4. Add conf/authn/oidc-rp-client-secret-credential.xml to the IdP’s credentials.xml file.

  5. Add conf/oidc-credentials.xml to the IdP’s credentials.xml file.

  6. Establish the Proxy Issuer.

  7. Configure a Redirect URL.

  8. Configure the attribute filter to expose claims to the rest of the system.

  9. Change the login flow to OIDCRelyingParty in authn.properties.

    1. Note: if you want to use the RP inside an MFA flow, you will need to decide which c14n flow to run to produce a suitable principalName; see here.

  10. Add the OIDC.SSO profile to relying-party.xml.
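The property and credential parts of the steps above (2 through 5 and 9), as an added shell example that is not from the Shibboleth wiki or plugin distribution. It assumes a stock IdP home layout (conf/authn/authn.properties, conf/credentials.xml with a closing </beans> tag), that the clientId/clientSecret properties may live in authn.properties, that credentials.xml accepts Spring <import> elements, GNU sed, and values without `|` or `&`.

```shell
#!/bin/sh
# Replace a key if present, otherwise append it (idempotent).
set_prop() {
  key=$1 val=$2 file=$3
  if grep -q "^$key *=" "$file"; then
    sed -i "s|^$key *=.*|$key = $val|" "$file"
  else
    printf '%s = %s\n' "$key" "$val" >> "$file"
  fi
}

# Stage the OIDC RP settings into an IdP home. Returns 1 if the
# expected config files are missing.
configure_oidc_rp() {
  idp_home=$1 client_id=$2 client_secret=$3
  authn="$idp_home/conf/authn/authn.properties"
  creds="$idp_home/conf/credentials.xml"
  [ -f "$authn" ] && [ -f "$creds" ] || return 1

  # Steps 2-3: client identifier and secret issued by the OP
  # (file location is an assumption; check the plugin docs).
  set_prop idp.authn.oidc.rp.client.clientId "$client_id" "$authn"
  set_prop idp.authn.oidc.rp.client.clientSecret "$client_secret" "$authn"
  # Step 9: make OIDCRelyingParty the active login flow.
  set_prop idp.authn.flows OIDCRelyingParty "$authn"

  # Steps 4-5: pull the credential definitions into credentials.xml,
  # inserting a Spring import before the closing </beans> tag once.
  for f in conf/authn/oidc-rp-client-secret-credential.xml \
           conf/oidc-credentials.xml; do
    grep -q "$f" "$creds" || \
      sed -i "s|</beans>|  <import resource=\"%{idp.home}/$f\" />\n</beans>|" "$creds"
  done

  # The client secret now sits in a plain file: restrict it to the owner.
  chmod 600 "$authn"
}
```

Run it twice against the same IdP home and the result is unchanged, so it is safe to re-run after an upgrade.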

...