Configure an OpenID connect authentication

In this topic, you learn how to set up an authentication via OpenID and how to configure it in your Cockpit.

Prerequisites

  • There are no prerequisites.

Procedure

  1. In the Cockpit, go to Settings, and click System Settings.

  2. Navigate to the Authentication tab and click Edit.

  3. Click Add, and select OpenID Connect.

    settings auth open id

    Result: The Authentication window opens.

  4. In OpenID Connect, fill in or check the following fields:

    1. Enter a Name for the authentication.

    2. Check Active to activate this authentication method.

    3. Check Show on login page to display the authentication method on the login page.

    4. Enter a Description.

    5. Enter a Path to generate the endpoints for the authentication method.

    6. In Client ID, enter the ID of the client that is registered at your identity provider.

    7. Enter the Client Secret.

    8. In Discovery URL, enter a well-known openid-configuration.

    9. In Redirect Url, enter the URL that is used when the client is redirected back from identity provider.

      The URL should look like domain/public/oidc_redirect.html.
  5. In Claims Assignment, click Add to add claims assignments.

  6. If required, in Auto Assignment, assign roles and groups that you have defined in the Role and Security Group tools in the Cockpit.

  7. Optional: In Custom Script, you can enter your code to tweak the roles' assignment manually.

    1. Click OK.

  8. In System Settings, click Restart to activate the OpenID Connect authentication.

Results

  • You have configured and activated an OpenID Connect authentication.