Is there a way to configure multiple OpenID Connect providers out the box?
reference: Authentication
configuration:
{
"Authentication": {
"AllowSocialLoginSettingsPerTenant": false,
"Facebook": {
"IsEnabled": "false",
"AppId": "",
"AppSecret": ""
},
"Twitter": {
"IsEnabled": "false",
"ApiKey": "",
"ApiKeySecret": ""
},
"Google": {
"IsEnabled": "false",
"ClientId": "",
"ClientSecret": "",
"UserInfoEndpoint": "https://www.googleapis.com/oauth2/v2/userinfo"
},
"Microsoft": {
"IsEnabled": "false",
"ConsumerKey": "",
"ConsumerSecret": ""
},
"OpenId": {
"IsEnabled": "true",
"ClientId": "4fb5e652-dc58-4370-95ca-fdfb3ba46273",
"Authority": "https://spottedmahnb2c.b2clogin.com/spottedmahnb2c.onmicrosoft.com/B2C_1_BlahNewFormat/v2.0/",
"Issuer": "https://spottedmahnb2c.b2clogin.com/80033dfd-6eab-42c4-bdf2-4e223d4b396f/v2.0/",
"LoginUrl": "https://spottedmahnb2c.b2clogin.com/spottedmahnb2c.onmicrosoft.com/B2C_1_BlahNewFormat/oauth2/v2.0/authorize",
"ValidateIssuer": "true",
"ResponseType": "id_token",
"ClaimsMapping": [{
"claim": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier",
"key": "name"
}, {
"claim": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress",
"key": "emails"
}
]
},
"WsFederation": {
"IsEnabled": "false",
"Authority": "",
"ClientId": "",
"Tenant": "",
"MetaDataAddress": ""
},
"JwtBearer": {
"IsEnabled": "true",
"SecurityKey": "DemoProjectDemo_blah",
"Issuer": "DemoProjectDemo",
"Audience": "DemoProjectDemo"
}
}
}
4 Answer(s)
-
0
Hi @mdepouw
If you set
AllowSocialLoginSettingsPerTenant
totrue
, then each tenant can define OpenIDConnect settings in the settings page. Does that work for you ? -
0
Hi @ismcagdas 👋 - unfortunately no. We need multiple OpenID connect providers within one tenant.
sidenote: question title updated to better reflect the ask
-
0
Hi @mdepouw
Thanks. Currently this is not supported. Current system can be modified to support multiple OIDC providers. Will you ask user to select OIDC provider on hte login page to login with ?
-
0
Currently this is not supported
I figured that was the case. I didn't want to start customizing when there's some functionality I wasn't aware of. GTG, thanks!