
This plugin source code is available in a new open source repository at https://github.com/jogetoss/openid-connect-authentication.

JogetOSS is a community-led team for open source software related to the Joget no-code/low-code application platform. Projects under JogetOSS are community-driven and community-supported, and you are welcome to contribute to the projects.

...

Attribute | Description

Callback URL

URL to which Auth0 redirects users after they authenticate.

Be sure to provide this Callback URL to your OpenID Connect service.

Issuer
  • Issuer URL
  • Custom

Issuer URL

URL which is used to validate the discovery URL (Issuer URL + "/.well-known/openid-configuration") 

URL where Auth0 can find the OpenID Provider Configuration Document, which should be available in the /.well-known/openid-configuration endpoint.

Authorization Token Endpoint

Authorization server's authorization endpoint, which you can retrieve using the server's Metadata URI (Issuer URL + "/.well-known/openid-configuration").

Sample Format:

https://${Issuer URL}/oauth2/${authServerId}/v1/authorize

Available when Issuer is set to "Custom".

Token Endpoint

The endpoint on the Authorization Server used to programmatically request tokens, which you can retrieve using the server's Metadata URI (Issuer URL + "/.well-known/openid-configuration").

Sample Format:

https://${Issuer URL}/oauth2/${authServerId}/v1/token

Available when Issuer is set to "Custom".

User Info Endpoint

User Profile Information, which you can retrieve using the server's Metadata URI (Issuer URL + "/.well-known/openid-configuration").

Sample Format:

https://${Issuer URL}/oauth2/${authServerId}/v1/userinfo

Available when Issuer is set to "Custom".

Json Web Key Set

Issued by the authorization server and signed using the RS256 signing algorithm.

Sample Format:

https://${Issuer URL}/oauth2/${authServerId}/v1/keys

Available when Issuer is set to "Custom".

Response Types Supported

By default, code

Client ID

The Client ID provisioned by the OpenID provider when the client was registered

Client Secret

The Client Secret (password) provisioned by the OpenID provider when the client was registered

Scope

A list of Auth0 scopes to request when connecting to the Identity Provider.

By default, openid profile email

User Provisioning Enabled

If enabled, ensures the user account is created in Joget's User Directory

Save Access Token And Refresh Token To User Meta?

If enabled, saves the access token and refresh token (if available; you may need to include offline_access in Scope) to user meta: oidcAccessToken and oidcRefreshToken.

Tokens can be accessed with the User Meta Hash Variable:

  • #currentUser.meta.oidcAccessToken#
  • #currentUser.meta.oidcRefreshToken#

The access token can also be refreshed with the Hash Variable #oidc.refreshAccessToken#, which attempts to get a new set of tokens using the refresh token if the current access token has expired.


Configure OpenID Connect Login Button

Attribute | Description

Login Button Text

Login button styling text

Sample Value:

Login

Login Button Icon

Login button styling icon class

Sample Value:

fas fa-arrow-right

Button Text Color

Login button styling button text color

Sample Value:

white

Button Background Color

Login button styling button background-color

Sample Value:

black

Sample Configurations

| Attribute / Provider | OKTA | OKTA | Google | Microsoft Azure AD | Auth0 |
|---|---|---|---|---|---|
| Issuer | Issuer URL | Custom | Issuer URL | Custom | Issuer URL |
| Issuer URL | https://dev-sample123.okta.com | https://dev-sample123.okta.com | https://accounts.google.com | https://login.microsoftonline.com/tenantIDSampleValue/v2.0 | https://dev-sample123.us.auth0.com (before June 2020, there was no ".us" country in the URL: https://dev-sample123.auth0.com) |
| Authorization Token Endpoint | | https://dev-sample123.okta.com/oauth2/v1/authorize | | https://login.microsoftonline.com/tenantIDSampleValue/oauth2/v2.0/authorize | |
| Token Endpoint | | https://dev-sample123.okta.com/oauth2/v1/token | | https://login.microsoftonline.com/tenantIDSampleValue/oauth2/v2.0/token | |
| User Info Endpoint | | https://dev-sample123.okta.com/oauth2/v1/userinfo | | https://graph.microsoft.com/oidc/userinfo | |
| Json Web Key Set | | https://dev-sample123.okta.com/oauth2/v1/keys | | https://login.microsoftonline.com/tenantIDSampleValue/discovery/v2.0/keys | |
| Response Types Supported | code | code | code | code | code |
| Client ID | clientIDSampleValue | clientIDSampleValue | clientIDSampleValue | clientIDSampleValue | clientIDSampleValue |
| Client Secret | clientSecretSampleValue | clientSecretSampleValue | clientSecretSampleValue | clientSecretSampleValue | clientSecretSampleValue |
| Scope | openid profile email | openid profile email | openid email | openid profile email | openid profile email |
| Documentation Link | https://developer.okta.com/docs/reference/api/oidc/ | https://developer.okta.com/docs/reference/api/oidc/ | https://developers.google.com/identity/protocols/oauth2/openid-connect | https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-protocols-oidc and https://docs.microsoft.com/en-us/azure/active-directory/develop/quickstart-register-app | Connect to OpenID Connect Identity Provider (auth0.com) |

To obtain all the URL paths, from your Azure App, go to Overview > Endpoints, look for "OpenID Connect metadata document" and open the URL to obtain all the paths.
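
Added example (not part of the plugin or the original page): a Python check that maps a provider's discovery document onto the four "Custom" endpoint fields described above and flags an issuer mismatch, non-HTTPS endpoints, or missing "code"/RS256 support before the values are entered. The function name, the field map, and the embedded sample document are assumptions constructed for illustration; the metadata keys are the standard OpenID Connect discovery names.

```python
import json
from urllib.parse import urlparse

# Constructed sample of a discovery document, shaped like the OKTA "Custom"
# column in the table above. It is not fetched from a real provider.
SAMPLE_DISCOVERY = json.loads("""{
  "issuer": "https://dev-sample123.okta.com",
  "authorization_endpoint": "https://dev-sample123.okta.com/oauth2/v1/authorize",
  "token_endpoint": "https://dev-sample123.okta.com/oauth2/v1/token",
  "userinfo_endpoint": "https://dev-sample123.okta.com/oauth2/v1/userinfo",
  "jwks_uri": "https://dev-sample123.okta.com/oauth2/v1/keys",
  "response_types_supported": ["code", "id_token"],
  "id_token_signing_alg_values_supported": ["RS256"]
}""")

# Plugin field label -> standard OIDC discovery metadata key (assumed mapping).
FIELD_MAP = {
    "Authorization Token Endpoint": "authorization_endpoint",
    "Token Endpoint": "token_endpoint",
    "User Info Endpoint": "userinfo_endpoint",
    "Json Web Key Set": "jwks_uri",
}

def custom_fields_from_discovery(issuer_url, doc):
    """Return (fields, problems): values for the Custom fields plus any findings."""
    problems = []
    # The document's issuer must match the Issuer URL; only a trailing slash is ignored.
    if doc.get("issuer", "").rstrip("/") != issuer_url.rstrip("/"):
        problems.append("issuer mismatch: %r" % doc.get("issuer"))
    fields = {}
    for label, key in FIELD_MAP.items():
        value = doc.get(key)
        if not value:
            problems.append("missing %s" % key)
            continue
        if urlparse(value).scheme != "https":
            problems.append("%s is not https: %s" % (key, value))
        fields[label] = value
    if "code" not in doc.get("response_types_supported", []):
        problems.append("response type 'code' not advertised")
    if "RS256" not in doc.get("id_token_signing_alg_values_supported", []):
        problems.append("RS256 not advertised for ID tokens")
    return fields, problems

if __name__ == "__main__":
    fields, problems = custom_fields_from_discovery("https://dev-sample123.okta.com", SAMPLE_DISCOVERY)
    for label, value in fields.items():
        print("%-30s %s" % (label + ":", value))
    print("problems:", problems or "none")
```

To use it against a real provider, save the JSON from Issuer URL + "/.well-known/openid-configuration" to a file and pass the parsed document in place of the constructed sample.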



Download Plugin

...