Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents

Introduction

UAEPass with OpenID Connect Directory Manager isn't any different with from using oktaOkta, Google, google or any other provider

To download this plugin, go to Joget Marketplace - UAE Pass Directory Manager Plugin.

Plugin Information

Plugins Available in the Bundle:

  1. OpenID Connect Directory Manager for UAEPass

This plugin bundle is compatible with Joget DX7 and onwards.

Expected Outcome

Below is the flow of how it would be if you have successfully implemented it.
With  With clicking the login, you would will be redirected to the next image.

Image Modified

Figure 1: Login screen

Image Modified

Figure 2: Additional Login page using OpenID Directory manager with UAEPass


Upon successfully login logging in with your register idregistered ID, email, or phone you would will be getting a push notification on your UAE Pass mobile application to confirm your identity.

Image Modified

Figure 3: Push Notification in mobile

After confirming it with your mobile app you are in.

...

Get Started

Prerequisites / Assumptions

1. UAE Pass Account

Above is are the things a company need needs to have in order to achieve the above flow. FIrstFirst, a company need needs to submit appropriate document documents to the government for onboarding. Second, they need to have the necessary information and even an account with UAE Pass. Finally, they need to have the UAE Pass mobile application on their mobile device.

But for this tutorial, we only will be using the staging credential and staging app.
Below is the necessary stuff if you want to follow along.

...

So that is all the necessary stuff that you would need and below is the configuration.

2.

...

Configuration

Image Removed

API Domain/IP Whitelist

To ensure the successful operation of this plugin, it is essential to whitelist the domains or IP addresses of the host. Typically, this involves adding the IP address or domain name of your Joget application server to the whitelist. To access this section of Joget, go to Settings → General Settings and scroll down till you see API Domain/IP Whitelist section.

Image Added

Figure 4: API Domain/IP Whitelist


NameDescription
API Domain Whitelist (Separated by ';')

Domain whitelist to allow API calls to Joget Workflow. Separated by semicolon.

Info
titleExample

"localhost;www.joget.org;dev.joget.org”, or "*" to allow from everywhere.

Warning

In a production environment, do not use "*".

Doing so will allow anyone to call all JSON APIs from the Joget server.

API IP Whitelist (Separated by ';')

IP address whitelist to allow API calls to Joget. Separated by semicolon.

Info
titleExample

"localhost; 192.168.101.10; www.joget.org;dev.joget.org ”, or "*" to allow from everywhere.

Warning

In a production environment, do not use "*".

Doing so will allow anyone to call all JSON APIs from the Joget server.

3. Licensed Users

Please review the Licensed Users in the License section of Joget. If you surpass the allowed user limit, you won't be able to log in to Joget following the Single Sign-On (SSO) process.

Image Added

Figure 5: Licensed Users

Steps

In System Settings, select the Directory Manager Settings.

Select the OpenID Connect Directory Manager - 7.0.0 plugin in the dropdown menu.

Image Added

Figure 6: System Settings Directory Manager Settings


Click on select and the plugin configuration screen will be shown. We will now fill in the plugin configurations.

Image Added

Figure 7: Plugin ConfigurationsFigure 4: Plugin Configuration


So if you already chooses chose the UAEPass issuer in your OpenID connection, you could insert with the endpoints and the testing credentials that has have been given before.
And you would need the response types supported scope and state that is left blank. The last part would be tricky but not that hard.
To find the scope, state, and response types supported would be here.


We are going to dissect the URL. So below Below is the full URL (it is an image) it. We just need to copy the response_type, scope, and state(the highlighted ones) values and we are good to go. 

Figure 58: Authentication URL

The last URL you need for the validation would be here. Take the Token endpoint and fill it up token validation endpoint and we are good to go.



After filling all up your form would be looking will look like the image belowImage Removed

Image Added

Figure 59: Form Plugin Configurations filling completed

And you have come to an end to this tutorial. That would be all. Feel free to try it out and comment away if you need help with anything.

...

OpenID Connect Directory Manager Properties

Attribute

Value

Issuer

UAEPass

Authorization Token Endpoint

https://stg-id.uaepass.ae/idshub/authorize

Token Endpoint

https://stg-id.uaepass.ae/idshub/token

Token Validation

https://stg-id.uaepass.ae/idshub/introspect

User Info Endpoint

https://stg-id.uaepass.ae/idshub/userinfo

Response Type Supported

code

Client ID

sandbox_stage

Client Secret

sandbox_stage

Scope

urn:uae:digitalid:profile:general

State

HnlHOJTkTb66Y5H