
Provider Settings

Ronny Bölter edited this page Nov 9, 2020 · 5 revisions


All necessary OpenID provider settings are explained in detail on this page:

Custom Provider:

It is possible to configure a custom provider within the OpenID plugin. This can be used e.g. for a self-hosted Keycloak or another OpenID Connect server.


  • In general every certified OpenID Provider should have the endpoint .../.well-known/openid-configuration. It is important that this endpoint is set as the 'configuration URL', as this URL is used to obtain all the important endpoints for authentication, token validation and user details.
  • It is also important to enter a valid client_id and client_secret. If you do not have this information, ask the person responsible for your OpenID Connect provider.
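
Before saving a custom provider, the document behind the configuration URL can be sanity-checked. The following is an added example, not code from the plugin: it assumes the plugin needs the four endpoints listed in `REQUIRED`, and the Keycloak-style host `sso.example.org` and realm `demo` are constructed sample values.

```python
import json
from urllib.parse import urlparse

WELL_KNOWN = "/.well-known/openid-configuration"
# Assumption: endpoints needed for authentication, token validation and user details.
REQUIRED = ("authorization_endpoint", "token_endpoint", "jwks_uri", "userinfo_endpoint")

# Constructed sample: configuration URL and discovery document of a fictional realm.
SAMPLE_URL = "https://sso.example.org/realms/demo" + WELL_KNOWN
SAMPLE_DOC = json.loads("""{
  "issuer": "https://sso.example.org/realms/demo",
  "authorization_endpoint": "https://sso.example.org/realms/demo/protocol/openid-connect/auth",
  "token_endpoint": "https://sso.example.org/realms/demo/protocol/openid-connect/token",
  "jwks_uri": "https://sso.example.org/realms/demo/protocol/openid-connect/certs",
  "userinfo_endpoint": "https://sso.example.org/realms/demo/protocol/openid-connect/userinfo"
}""")


def check_discovery(config_url, document):
    """Return a list of problems found in an OpenID discovery document."""
    if not config_url.endswith(WELL_KNOWN):
        return [f"configuration URL must end with {WELL_KNOWN}"]
    problems = []
    if urlparse(config_url).scheme != "https":
        problems.append("configuration URL is not https")
    # OpenID Connect Discovery: the issuer in the document must be the URL
    # that /.well-known/openid-configuration was appended to.
    expected_issuer = config_url[: -len(WELL_KNOWN)]
    issuer = document.get("issuer", "")
    if issuer.rstrip("/") != expected_issuer.rstrip("/"):
        problems.append(f"issuer mismatch: {issuer!r} != {expected_issuer!r}")
    for key in REQUIRED:
        value = document.get(key)
        if not value:
            problems.append(f"missing {key}")
        elif urlparse(value).scheme != "https":
            problems.append(f"{key} is not https: {value}")
    return problems


if __name__ == "__main__":
    for line in check_discovery(SAMPLE_URL, SAMPLE_DOC) or ["discovery document looks consistent"]:
        print(line)
```

An issuer that differs from the configuration URL's prefix, or an endpoint served over plain http, is a reason to stop and check with the person responsible for the provider before entering the client_secret.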

OpenID Connect Provider:

Besides the custom provider, this plugin currently supports ORCID, Google, Microsoft and Apple as OpenID Connect providers. To get them to work, only the client_id and secret are required, because the plugin already knows the .../.well-known/openid-configuration for each provider.


ORCID:

Go to https://orcid.org/developer-tools and sign in:


Click "Register for the free ORCID public API"

Enter necessary information for your Application:

It is important that you use the redirect URL shown in the OpenID plugin settings for ORCID; otherwise the authentication process will throw an unknown redirect error.


Google:

Go to https://console.developers.google.com/apis/credentials : (If you do not have a project yet, you have to create a new one.)

Create new Login Credentials (OAuth client ID):


Enter necessary information for your Application:

It is important that you use the redirect URL shown in the OpenID plugin settings for Google; otherwise the authentication process will throw an unknown redirect error.


A tutorial can be found here: https://developers.google.com/identity/protocols/oauth2/openid-connect

Microsoft:

Go to the Azure portal: https://portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview (You need to register for Azure if you have not already done so.)

Go to "App registrations" (left menu) and click "new registration". Enter all necessary information and click register.


When finished, go to "Certificates & secrets", create a new secret, and copy and paste it into the OpenID plugin settings. The Application (client) ID can be found under Overview.

