-
Type:
Technical Documentation
-
Status: Closed
-
Priority:
Minor
-
Resolution: Completed
-
Affects Version/s: None
-
Component/s: Application Security > OpenID Connect
-
Labels:None
-
Sprint:Iteration 37, Iteration 38, Iteration 39, Iteration 40
-
Type of Documentation:Developer
Background & Features
This functionality allows different SSOs to be configured using OpenId Connect at the Instance Level, until now it was only possible to configure it with System permissions.
This will be useful for SaaS product implementations.
Steps
You can setup a new OpenId Connect provider at Instance Settings - SSO - OpenId Connect Provider.
Note that the option to configure an OpenId Connect Provider from System Settings will still be available. When configured from System Settings, it will be visible to all instances, acting like a default OpenId Connect Provider. And when it is configured at Instance level, it will only be visible to that same Instance.
Different scenarios have been detailed here.
Upgrade Note
Provider configurations created on an earlier version will continue be applied at System level.
Code
- OpenIdConnectProviderConfiguration.java: Class with configuration fields and scoped by Company (Instance)
- OpenIdConnectProviderRegistryImpl.java: Register that will check the available OpenId Connect SSOs for each instance (including the default ones from the System)