Setup an external OIDC Identity Provider

Setting up an external OIDC login with any third-party identity provider requires establishing a trusted relationship between Strivacity and the third-party identity provider.

Configuring Strivacity with an External OIDC Identity Provider (IdP)

Following these steps will enable you to setup an external OIDC identity provider (and your application).

1) Start by logging into the Admin Console using an admin account.

2) From the left-hand menu, select External Login, then Enterprise Login.

3) From the Enterprise Login screen, click the + Create Enterprise Login Provider button from the top right hand corner.

4) From the Create Enterprise Login Provider screen click the OIDC icon as shown below:

Click to EnlargeClick to Enlarge

5) The Create OIDC Login Provider screen will now be displayed as shown below:

Click to EnlargeClick to Enlarge

The table below provides guidance on how to complete and use these fields on the General tab:

Field NameDescription
NameDefine a name for this Enterprise OIDC Login Provider. This name is used to refer to this provider throughout the Admin Console.
Login Button TextThis is the text that is displayed on the login button on the log-in screen. If no custom text is displayed here then the name will be used.
DescriptionDefine a description to help other Strivacity admins understand what this provider is used for.
Client IDThe Client ID is automatically generated by when you save the Application at the end of this process. This is the primary identifier used by your application to trust Strivacity when it performs any services on its behalf (such as authentication). This is public.
Client SecretHere is where you configure the allowed callback URLs for the OIDC transaction. This typically corresponds to redirect_uri that an OIDC client would pass to Strivacity when a user wants to authenticate.
Auto DiscoveryEnter any OIDC auto-discovery URL to enable Strivacity to automatically configure this login provider from the Enterprise Identity Provider.
Authorization EndpointThe Authorization Endpoint will be displayed here based on auto-configuration.
Token EndpointThe Token Endpoint will be displayed here based on auto-configuration.
IssuerAny Issuer Information will be displayed here based on auto-configuration.
Userinfo EndpointThe Userinfo Endpoint will be displayed here based on auto-configuration.
Scopes: OpenIDThe default OpenID Connect scopes can be enabled or disabled.
Scopes: ExtraAny additional scopes can be added here.
Customer Data HandlingIf you choose to synchronize and store any profile data at each login, then will retrieve and store this information which will be visible to the customer in the My Account page and to any Admin's when managing the customer identity.

7) Once completed, click the Save button. You will now be able to view the Claim Mappings tab, and edit and add any additional claims for this OIDC integration.

6) Once you've made any changes to Claim Mappings, you're ready to copy the ClientID and Client Secret from your third-party application, and paste the respective values into the ClientID and Client Secret fields. Click Save.

Strivacity will use the User (Read) attributes of the customers profile. If you choose to synchronize and store any account profile data at each login, then Strivacity will retrieve and store this information which will be visible to the customer in the My Account page, and to any Admin's when managing the customer identity.