
OIDC based external authentication for Kyvos Manager

Applies to: Kyvos Enterprise, Kyvos Cloud (SaaS on AWS), Kyvos AWS Marketplace, Kyvos Azure Marketplace, Kyvos GCP Marketplace, Kyvos Single Node Installation (Kyvos SNI)


OpenID Connect (OIDC) is a federated SSO authentication protocol built on OAuth 2.0. It is already supported for authentication in the Kyvos Web Client.

Important

Before you configure OIDC (OAuth 2.0) as an external authentication provider for the Kyvos Manager, you must add the following values when creating the application in the Identity Provider (IdP) for Single Sign On:

  • Sign-in redirect URIs: /kyvosmanager/oauthRedirect

  • Sign-out redirect URIs: /kyvosmanager/#/ssoLogout

For more information about the Identity Provider (IdP) for Single Sign On, refer to the Okta documentation.

To configure OIDC (OAuth 2.0) as an external authentication provider for the Kyvos Manager, perform the following steps.

  1. On the navigation pane, click Kyvos Manager Settings > Web based SSO.
    The Web based SSO dialog is displayed. 

  2. Select the Enable External Authentication check box to define the external authentication mechanism.

  3. Select the OIDC option from the Provider list.

  4. Enter details as:

| Parameter/Field | Comments/Description |
|---|---|
| Header Name | Enter the name of the HTTP header that contains the user name in the HTTP request. |
| Header Type | Select the type of value to be sent by the external authentication tool as an SSO token. |
| Error Redirection URL | Enter the URL to which the user will be redirected if there is an error in authenticating the Kyvos application with OIDC. Absolute URLs are supported. Example: http://host:port/appname |
| Disable Native User Login | This option enables or disables the native Kyvos Manager user login in conjunction with external authentication. If the option is selected, users will be redirected to an external authentication site when opening the Kyvos Manager application in a browser. |

  5. For OIDC Settings for Confidential Client and Public client, enter details as:

  6. Click the Save button to save changes.
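IdPs typically match redirect URIs as exact strings, so the sign-in and sign-out values from the Important note, and the Error Redirection URL from step 4, can be checked before saving. The following Python check is an added example, not Kyvos code. It assumes the two paths are appended to the Kyvos Manager origin; the host km.example.com:8080 and all function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Paths taken from this page; the base URL they are appended to is an assumption.
SIGN_IN_PATH = "/kyvosmanager/oauthRedirect"
SIGN_OUT_PATH = "/kyvosmanager/#/ssoLogout"


def expected_uris(base_url):
    """Build the full sign-in and sign-out redirect URIs for one Kyvos Manager origin."""
    parts = urlsplit(base_url)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError(f"base URL must be absolute: {base_url!r}")
    origin = f"{parts.scheme}://{parts.netloc}"
    return {"sign-in": origin + SIGN_IN_PATH, "sign-out": origin + SIGN_OUT_PATH}


def normalise(uri):
    # Loose form used only to explain a near miss; the IdP compares the exact string.
    return uri.strip().lower().rstrip("/")


def check_registration(base_url, registered, error_redirect_url):
    """Return a list of problems; an empty list means the values line up."""
    problems = []
    for kind, want in expected_uris(base_url).items():
        have = registered.get(kind, [])
        if want in have:
            continue
        near = [u for u in have if normalise(u) == normalise(want)]
        if near:
            problems.append(f"{kind}: {near[0]!r} is a near miss for {want!r}")
        else:
            problems.append(f"{kind}: {want!r} is not registered")
    err = urlsplit(error_redirect_url)
    if not (err.scheme and err.netloc):
        problems.append(f"error redirection URL is not absolute: {error_redirect_url!r}")
    return problems


if __name__ == "__main__":
    # Constructed sample values, not from a real deployment.
    registered = {
        "sign-in": ["https://km.example.com:8080/kyvosmanager/oauthRedirect/"],
        "sign-out": ["https://km.example.com:8080/kyvosmanager/#/ssoLogout"],
    }
    for problem in check_registration("https://km.example.com:8080", registered, "/error"):
        print(problem)
```

With the sample values, the trailing slash on the registered sign-in URI and the relative error URL are both reported, while the sign-out URI passes.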

Copyright Kyvos, Inc. All rights reserved.