OAUTH2/OIDC properties setup
Here's where you can complete all of the OAuth2/OIDC specific settings for integration with your single-page or multi-page web application.
Once you have completed all of these fields and saved your settings, you can integrate your customer interfaces using OIDC with the following options:
The Client ID is automatically generated when you save the Application at the end of this process. This is the primary identifier used by your application to trust Strivacity when it performs any services on its behalf (such as authentication). This is public.
The Client Secret is automatically generated when you save the Application at the end of this process. This is a secret used by your application to trust Strivacity when it performs any services on its behalf (such as authentication). This should be kept private.
Token endpoint authentication method
This setting instructs Strivacity on how clients will authenticate. This corresponds to OIDC token_endpoint_auth_method. Supported settings include "BASIC" or "POST". You typically do not need to change this setting.
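The sketch below is an added example, not Strivacity's own code. It shows how a client builds the authorization-code token request under each setting, assuming "BASIC" and "POST" correspond to the standard OIDC values client_secret_basic and client_secret_post. The function name and all sample values are constructed for illustration.

```python
import base64
from urllib.parse import quote_plus, urlencode


def build_token_request(auth_method, client_id, client_secret, code, redirect_uri):
    """Return (headers, body) for an authorization-code token request.

    auth_method is the application's setting: "BASIC" or "POST"
    (assumed to mean client_secret_basic / client_secret_post).
    """
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    form = {
        "grant_type": "authorization_code",
        "code": code,
        # Must be identical to the redirect_uri sent in the authorization
        # request, which in turn must be one of the allowed callback URLs.
        "redirect_uri": redirect_uri,
    }
    if auth_method == "BASIC":
        # RFC 6749 section 2.3.1: form-encode each credential first, then
        # Base64 "id:secret". Skipping the encoding step breaks secrets
        # that contain ':' or other reserved characters.
        pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
        token = base64.b64encode(pair.encode("utf-8")).decode("ascii")
        headers["Authorization"] = "Basic " + token
    elif auth_method == "POST":
        # Credentials travel in the request body, so make sure request
        # bodies sent to the token endpoint are never logged.
        form["client_id"] = client_id
        form["client_secret"] = client_secret
    else:
        raise ValueError(f"unsupported auth method: {auth_method!r}")
    return headers, urlencode(form)


if __name__ == "__main__":
    # Constructed sample values; never hard-code a real Client Secret.
    for method in ("BASIC", "POST"):
        hdrs, body = build_token_request(
            method, "example-client-id", "s3cr3t:/+ value",
            "sample-auth-code", "https://yourwebsite/callback",
        )
        print(method, sorted(hdrs), "client_secret" in body)
```

In both cases the Client Secret belongs only on a server-side component; the request must go to the token endpoint over TLS.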
JWT signing method
Strivacity uses RS256 as the default algorithm for signing JSON Web Tokens (JWTs). RS256 produces an asymmetric signature: the token is signed with a private key and verified with the corresponding public key.
Allowed callback URLs
Here is where you configure the allowed callback URLs for the OIDC transaction. This typically corresponds to redirect_uri that an OIDC client would pass to Strivacity when a user wants to authenticate.
Allowed logout URLs
Here is where you configure the allowed logout URLs for the OIDC transaction. This typically corresponds to logout_uri that an OIDC client would pass to Strivacity when a user initiates a logout transaction.
Here is where you configure the landing page for your application. This is where the user will end up once they finish logging in through Strivacity. For example, https://yourwebsite/loginpage.
The Strivacity-hosted login page is not an entry point to the customer authentication flow.
Here is where you can specify the claim dialect that is used by this Application. By default, the 'OpenID Connect' default claim dialect is used.
Enable refresh tokens
This is a customer convenience setting that enables or disables the use of refresh tokens. When enabled, OIDC tokens can be refreshed automatically without requiring the customer to log back in.