Configure an OpenID Connect authentication

In this topic, you learn how to set up an authentication via OpenID and how to configure it in your Cockpit.

Prerequisites

  • There are no prerequisites.

Procedure

  1. In the Cockpit, go to Settings, and select System Settings.

  2. In the Authentication tab, select Edit.

  3. Select Add, and select OpenID Connect.

    Result: The Authentication window opens.

  4. In OpenID Connect, fill in or select the following fields:

    1. Enter a Name for the authentication.

    2. Select Active to activate this authentication method.

    3. Select Show on login page to display the authentication method on the login page.

    4. Enter a Description.

    5. Enter a Path to generate the endpoints for the authentication method.

    6. In Client ID, enter the ID of the client that is registered at your identity provider.

    7. Enter the Client Secret.

    8. In Discovery URL, enter a well-known openid-configuration.

    9. In Redirect Url, enter the URL that is used when the client is redirected back from identity provider.

      The URL should look like domain/public/oidc_redirect.html.

  5. In Claims Assignment, select Add to add claims assignments.

  6. If required, in Auto Assignment, assign roles and groups that you have defined in the Role and Security Group tools in the Cockpit.

  7. Optional: In Custom Script, you can enter your code to tweak the roles' assignment manually.

    1. Select OK.

  8. In System Settings, select Restart to activate the OpenID Connect authentication.

Results

  • You have configured and activated an OpenID Connect authentication.

Related topics