OIDC based external authentication for Kyvos Manager
Applies to: Kyvos Enterprise, Kyvos Cloud (SaaS on AWS), Kyvos AWS Marketplace, Kyvos Azure Marketplace, Kyvos GCP Marketplace, Kyvos Single Node Installation (Kyvos SNI)
OpenID Connect (OIDC) is a federated SSO authentication protocol built on OAuth 2.0 and is already supported for authentication in the Kyvos Web Client.
Important
Before you configure OIDC (OAuth 2.0) as an external authentication provider for the Kyvos Manager, you must add the following values when creating the application in the Identity Provider (IdP) for Single Sign-On:
Sign-in redirect URIs: /kyvosmanager/oauthRedirect
Sign-out redirect URIs: /kyvosmanager/#/ssoLogout
For more information about the Identity Provider (IdP) for Single Sign-On, refer to the Okta documentation.
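The following is an added example, not part of the Kyvos documentation: a pre-flight check that the URIs registered in the IdP application match the two values above. OIDC requires the sign-in redirect URI to match a registered value by exact string comparison, so a trailing slash or a wildcard entry is reported as a finding. The host name, the sample registrations, and the assumption that the paths are appended to the Kyvos Manager base URL are constructed for illustration.

```python
from urllib.parse import urlsplit

# Paths as listed on this page.
SIGN_IN_PATH = "/kyvosmanager/oauthRedirect"
SIGN_OUT_PATH = "/kyvosmanager/#/ssoLogout"


def expected_uris(base_url):
    """Build absolute URIs, assuming the paths are appended to the base URL."""
    base = base_url.rstrip("/")
    return {"sign_in": base + SIGN_IN_PATH, "sign_out": base + SIGN_OUT_PATH}


def audit_registration(base_url, registered_sign_in, registered_sign_out):
    """Return a list of findings; an empty list means the IdP app matches."""
    findings = []
    if urlsplit(base_url).scheme != "https":
        findings.append("base URL is not https")
    want = expected_uris(base_url)
    registered = {"sign_in": registered_sign_in, "sign_out": registered_sign_out}
    for kind, uris in registered.items():
        # Exact string comparison: no case folding, no slash normalization.
        if want[kind] not in uris:
            findings.append(f"{kind}: {want[kind]} is not registered exactly")
        for uri in uris:
            if "*" in uri:
                findings.append(f"{kind}: wildcard entry {uri}")
            elif uri != want[kind]:
                findings.append(f"{kind}: unexpected entry {uri}")
    return findings


if __name__ == "__main__":
    # Constructed sample: placeholder host, one trailing slash, one wildcard.
    base = "https://km.example.test:8080"
    for finding in audit_registration(
        base,
        [base + "/kyvosmanager/oauthRedirect/"],
        ["https://*.example.test/kyvosmanager/#/ssoLogout"],
    ):
        print(finding)
```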
To configure OIDC (OAuth 2.0) as an external authentication provider for the Kyvos Manager, perform the following steps.
On the navigation pane, click Kyvos Manager Settings > Web based SSO.
The Web based SSO dialog is displayed.
Select the Enable External Authentication check box to define the external authentication mechanism.
Select the OIDC option from the Provider list.
Enter details as:
Parameter/Field | Comments/Description |
---|---|
Header Name | Enter the name of the HTTP header that contains the user name in the HTTP request. |
Header Type | Select the type of value to be sent by the external authentication tool as an SSO token. |
Error Redirection URL | Enter the URL to which the user will be redirected if there is an error in authenticating the Kyvos application with OIDC. |
Disable Native User Login | This option enables or disables the native Kyvos Manager user login in conjunction with external authentication. If the option is selected, users will be redirected to an external authentication site when opening the Kyvos Manager application in a browser. |
For OIDC Settings for Confidential Client and Public client, enter details as:
Click the Save button to save changes.