Open ID Settings#
Using these settings we can add Open ID configuration to allow logging into the FAIR Wizard instance via external identity provider. First, press Create button and fill Name of the service (use only lowercase alphanumeric characters or dash symbols). Then, we should prepare the client application on the side of OpenID service:
Use Callback URL (and optionally Logout URL) to create the client
Obtain Client ID and Client Secret
Obtain OpenID endpoint URL (we may get one ending with
/.well-known/openid-configuration
, if so we just use the part before this suffix)Configure the client to have the following claims:
openid
,profile
,email
Configure the client to provide the following details in ID tokens:
email
,given_name
,family_name
Back in the FAIR Wizard settings, we can fill Client ID, Client Secret, and URL from our OpenID client together with optional Parameters (usually not needed). Finally, we can configure how the log-in button will look like by setting Icon (by using Font Awesome), Name, Background, and text/icon Color.
Note
After setting a new OpenID service, we should directly test it and verify that the configuration works well. For that, we can simply open our FAIR Wizard instance in a new anonymous window of the web browser.