Multiple OpenID Connect providers in one tenant? #11722 | Support Center

mdepouw created one year ago

Is there a way to configure multiple OpenID Connect providers out the box?

reference: Authentication configuration:

{
  "Authentication": {
    "AllowSocialLoginSettingsPerTenant": false,
    "Facebook": {
      "IsEnabled": "false",
      "AppId": "",
      "AppSecret": ""
    },
    "Twitter": {
      "IsEnabled": "false",
      "ApiKey": "",
      "ApiKeySecret": ""
    },
    "Google": {
      "IsEnabled": "false",
      "ClientId": "",
      "ClientSecret": "",
      "UserInfoEndpoint": "https://www.googleapis.com/oauth2/v2/userinfo"
    },
    "Microsoft": {
      "IsEnabled": "false",
      "ConsumerKey": "",
      "ConsumerSecret": ""
    },
    "OpenId": {
      "IsEnabled": "true",
      "ClientId": "4fb5e652-dc58-4370-95ca-fdfb3ba46273",
      "Authority": "https://spottedmahnb2c.b2clogin.com/spottedmahnb2c.onmicrosoft.com/B2C_1_BlahNewFormat/v2.0/",
      "Issuer": "https://spottedmahnb2c.b2clogin.com/80033dfd-6eab-42c4-bdf2-4e223d4b396f/v2.0/",
      "LoginUrl": "https://spottedmahnb2c.b2clogin.com/spottedmahnb2c.onmicrosoft.com/B2C_1_BlahNewFormat/oauth2/v2.0/authorize",
      "ValidateIssuer": "true",
      "ResponseType": "id_token",
      "ClaimsMapping": [{
          "claim": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
          "key": "name"
        }, {
          "claim": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
          "key": "emails"
        }
      ]
    },
    "WsFederation": {
      "IsEnabled": "false",
      "Authority": "",
      "ClientId": "",
      "Tenant": "",
      "MetaDataAddress": ""
    },
    "JwtBearer": {
      "IsEnabled": "true",
      "SecurityKey": "DemoProjectDemo_blah",
      "Issuer": "DemoProjectDemo",
      "Audience": "DemoProjectDemo"
    }
  }
}

Go to accepted answer

4 Answer(s)

0

ismcagdas created one year ago
Support Team

Hi @mdepouw

If you set AllowSocialLoginSettingsPerTenant to true, then each tenant can define OpenIDConnect settings in the settings page. Does that work for you ?
0

mdepouw created one year ago

Hi @ismcagdas 👋 - unfortunately no. We need multiple OpenID connect providers within one tenant.

sidenote: question title updated to better reflect the ask
0

ismcagdas created one year ago
Support Team

Hi @mdepouw

Thanks. Currently this is not supported. Current system can be modified to support multiple OIDC providers. Will you ask user to select OIDC provider on hte login page to login with ?
0

mdepouw created one year ago

Currently this is not supported

I figured that was the case. I didn't want to start customizing when there's some functionality I wasn't aware of. GTG, thanks!

Have an answer to this question? Log in and write your answer.