
OpenID Connect (OIDC) is a federated SSO authentication protocol built on OAuth 2.0 and is already supported for authentication in the Kyvos Web Client.


OIDC Settings for Confidential Client

OIDC authentication for Kyvos Web Portal and Excelerate Web.

| Parameter/Field | Comments/Description |
| --- | --- |
| Client Id | Client ID provided by the authorization server upon registration of the application. This ID is used to identify the client. |
| Client Secret | Secret to be used for the authentication method. Kyvos Manager encrypts this secret. |
| Authorization URL | Authorization endpoint URL provided by the authorization server. |
| Token URL | Access token endpoint URL provided by the authorization server. |
| Scope | Space-separated list of identifiers specifying the access privileges requested from the authorization server in the initial authorization request. If left blank, the default 'openid profile email' is used. |
| Single Logout URL | URL to which users are redirected on logging out. If left blank, there is no single logout. |
| Verify ID Token | Select the checkbox to verify the signature of ID tokens. If it is set to No, Kyvos retrieves the ID token, decodes it, and uses its claims without verifying its signature. |
| Authorization Server OpenId Metadata URL | Endpoint URL on the authorization server that provides metadata about the authorization server's OIDC configuration. |
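
What the Verify ID Token setting changes, shown as an added example (not Kyvos code): a token whose payload was altered after signing is accepted when claims are only decoded, and rejected when the signature is checked first. It assumes HS256 signing with the client secret as the key so that it runs on the standard library alone; the secret, issuer and claim values are constructed, and all function names are hypothetical.

```python
import base64, hashlib, hmac, json

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def issue_hs256(claims: dict, secret: bytes) -> str:
    """Stand-in for the authorization server: build a compact HS256 ID token."""
    head = b64url(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url(json.dumps(claims).encode())
    mac = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url(mac)}"

def claims_unverified(token: str) -> dict:
    """Verify ID Token = No: decode the payload and use it as-is."""
    return json.loads(b64url_decode(token.split(".")[1]))

def claims_verified(token: str, secret: bytes) -> dict:
    """Verify ID Token = Yes: check the signature before reading any claim."""
    head, body, sig = token.split(".")
    if json.loads(b64url_decode(head)).get("alg") != "HS256":
        raise ValueError("unexpected alg")  # pin the algorithm, never trust the header
    mac = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(mac, b64url_decode(sig)):
        raise ValueError("signature mismatch")
    return json.loads(b64url_decode(body))

def with_changed_claims(token: str, **changes) -> str:
    """Test fixture: same header and signature, different payload."""
    head, body, sig = token.split(".")
    claims = {**json.loads(b64url_decode(body)), **changes}
    return f"{head}.{b64url(json.dumps(claims).encode())}.{sig}"

# Constructed values, not taken from any deployment.
SECRET = b"constructed-client-secret"
GENUINE = issue_hs256({"iss": "https://idp.example", "sub": "alice",
                       "aud": "constructed-client-id"}, SECRET)
ALTERED = with_changed_claims(GENUINE, sub="someone-else")

if __name__ == "__main__":
    print("unverified:", claims_unverified(ALTERED)["sub"])
    print("verified  :", claims_verified(GENUINE, SECRET)["sub"])
    try:
        claims_verified(ALTERED, SECRET)
    except ValueError as err:
        print("rejected  :", err)
```

A production verifier also validates the `iss`, `aud` and `exp` claims after the signature check; an authorization server that signs with RS256 publishes its verification keys through the `jwks_uri` listed in its OpenID metadata document.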

OIDC Settings for Public Client

OIDC authentication for Kyvos Web Portal and Excelerate Desktop.

Enter details as:

| Parameter/Field | Comments/Description |
| --- | --- |
| Client Id | Client ID provided by the authorization server upon registration of the application. This ID is used to identify the client. |
| Authorization URL | Authorization endpoint URL provided by the authorization server. |
| Token URL | Access token endpoint URL provided by the authorization server. |
| Scope | Space-separated list of identifiers specifying the access privileges requested from the authorization server in the initial authorization request. If left blank, the default 'openid profile email' is used. |
| Single Logout URL | URL to which users are redirected on logging out. If left blank, there is no single logout. |
| Verify ID Token | Select the checkbox to verify the signature of ID tokens. If it is set to No, Kyvos retrieves the ID token, decodes it, and uses its claims without verifying its signature. |
| Authorization Server OpenId Metadata URL | Endpoint URL on the authorization server that provides metadata about the authorization server's OIDC configuration. |
