OpenID is an open standard that provides user authentication (identity) features and is built upon OAuth 2.0 flows. Like SAML, it uses an external identity provider (IdP) to authenticate the user and enables single sign-on (SSO). While there are several underlying technical differences between SAML and OpenID, the most important differences are that OpenID is a lighter-weight protocol and requires explicit user consent to access as part of its communication flows.

OpenID satisfies requirements for identity and access in the following ways:

...

  1. Go to the Authentication tab in Preferences → Domain Preferences.

  2. In the OpenID tab, select the Active checkbox.

  3. Fill in the fields of the form, which are described below. Once you have generated the required values in your IdP and entered them in this form, click Update to finish the process. Users will now be able to log in to their Devo domains using the IdP credentials:

Home URL

Copy this URL; you will need it when you set up access in the IdP account, outside the Devo Platform. After setting up the OpenID authentication, users will access this URL and will be redirected to the IdP site to enter their credentials.

Client Id and Client secret

Credentials that Devo will use to authenticate API communications with the IdP server. These are generated by the IdP when you register Devo as an app in your IdP account. 

Identity provider URL

This is the secure HTTP URL where Devo needs to direct its requests for authorization (sometimes called the Authorization endpoint). You should copy this from your IdP account.

Token URL

This is the secure HTTP URL where Devo needs to direct its requests for token IDs (sometimes called the Token endpoint). You should copy this from your IdP account.

User provisioning

Select this checkbox if you want users not registered in the domain to be signed up when they enter their credentials for the first time. They will be assigned the No Privileges role.
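
The following is an added example, not part of the Devo documentation or product: a pre-flight check for the Identity provider URL and Token URL fields described above. It assumes your IdP publishes an OpenID Connect discovery document (the JSON usually served at /.well-known/openid-configuration); the sample document, the idp.example.com host and the function names are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

# Constructed sample discovery document; idp.example.com is a placeholder host.
SAMPLE_DISCOVERY = """{
  "issuer": "https://idp.example.com",
  "authorization_endpoint": "https://idp.example.com/oauth2/authorize",
  "token_endpoint": "https://idp.example.com/oauth2/token"
}"""

# Discovery metadata key -> form field it fills (labels as listed above).
FIELD_MAP = {
    "authorization_endpoint": "Identity provider URL",
    "token_endpoint": "Token URL",
}


def check_endpoint(label, url):
    """Return the problems found in one endpoint URL (empty list means OK)."""
    if not isinstance(url, str) or not url.strip():
        return [f"{label}: missing"]
    parts = urlsplit(url.strip())
    problems = []
    if parts.scheme != "https":
        problems.append(f"{label}: must use https")
    if not parts.hostname:
        problems.append(f"{label}: no host")
    if parts.username or parts.password:
        problems.append(f"{label}: credentials embedded in URL")
    if parts.fragment:
        problems.append(f"{label}: fragment not allowed")
    return problems


def form_values(discovery_json):
    """Map discovery metadata to form fields; ValueError lists every problem."""
    meta = json.loads(discovery_json)
    values, problems = {}, []
    for key, label in FIELD_MAP.items():
        issues = check_endpoint(label, meta.get(key))
        problems.extend(issues)
        if not issues:
            values[label] = meta[key].strip()
    if problems:
        raise ValueError("; ".join(problems))
    return values


if __name__ == "__main__":
    for label, url in form_values(SAMPLE_DISCOVERY).items():
        print(f"{label}: {url}")
```

Run it against the discovery document saved from your own IdP before pasting the values into the form; a ValueError names each field that would send authorization or token requests over an unsafe or malformed URL.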

Example: Use Google as an IdP to set up OpenID

...