Service Manager

Home 

Setting Up Authentication for OpenID

1.From the Configuration Console, click Configure > Security Controls > Authentication Providers to open the Authentication Providers workspace.

2.From the New Record Menu drop-down list, select New Open ID.

3.Enter data into the fields.

Field Description
Default

Specifies if this authentication provider is called.

Automatically set by the application. You change this in the list. To make this authentication provider the default, you must first change the default setting for all other authentication providers to false and then change the default setting for this authentication provider to true.

Disabled Specifies if this authentication provider is disabled.

Name

The name of the OpenID provider.

Open ID Provider URL

The OpenID URL from the provider. For example, the OpenID URL for Google is https://www.google.com/accounts/o8/id.

Logout URL

The URL to which users are directed when logging out of the authentication provider.

After logging out from Service Manager, the OpenIDConnect endsession endpoint is called and clients in the same browser session are also signed out.

Sort Order

Specifies the sort order of this provider in relation to other providers assigned to a user. A value of 1 means that this provider is used first for authentication when logging in. If a login failure occurs (such as a server failure or incorrect password), the application uses the next provider in the sort order. The last successfully authenticated login is highlighted in the Enable External Auth area of the employee record. Use this field only if multiple authentication providers are configured.

Do not put the OpenID authentication first in a sort order for multiple authentication providers because the application does not sequence single sign-on logins. Only one is allowed. If the login attempt fails with the OpenID authentication, there is no fallback.

Auto Provisioning

Adds new users via authentication. You have the option to auto provision the role, status, and team for the new user. If selected, the application creates an employee record if a user logs in using authentication and does not already have an employee record.

The employee record created shows the Is Auto Provisioned box checked and the Creation Method field has Auto Provisioned through OpenID by default.

Auto Provision Role

Only displays if you check Auto Provisioning.

The role associated with the new user.

Auto Provision Status

Only displays if you check Auto Provisioning.

The status of the new user.

Auto Provision Team

Only displays if you check Auto Provisioning.

The team associated with the new user.

Auto Provision User Business Object

Only displays if you check Auto Provisioning.

The type of user record to create. Can be either employee or external contact.

4.Click Save.


Was this article useful?