Set Up an External OIDC Identity Provider
Setting up an external OIDC login with any third-party identity provider requires establishing a trusted relationship between Fusion and the third-party identity provider.

Configuring Fusion with an External OIDC Identity Provider (IdP)

Following these steps will enable you to set up an external OIDC identity provider with Fusion (and your application).
1) Start by logging into the Admin Console using an admin account.
2) From the left-hand menu, select External Login, then Enterprise Login.
3) From the Enterprise Login screen, click the + Create Enterprise Login Provider button in the top right-hand corner.
4) From the Create Enterprise Login Provider screen, click the OIDC icon as shown below:
5) The Create OIDC Login Provider screen will now be displayed as shown below:
The table below provides guidance on how to complete and use these fields on the General tab:
| Field Name | Description |
| --- | --- |
| Name | Define a name for this Enterprise OIDC Login Provider. This name is used to refer to this provider throughout Fusion. |
| Login Button Text | This is the text that is displayed on the login button on the login screen. If no custom text is provided here, the name will be used. |
| Description | Define a description to help other Fusion admins understand what this provider is used for. |
| Client ID | The Client ID is automatically generated by Fusion when you save the Application at the end of this process. This is the primary identifier used by your application to trust Fusion when it performs any services on its behalf (such as authentication). This is public. |
| Client Secret | Here is where you configure the allowed callback URLs for the OIDC transaction. This typically corresponds to the redirect_uri that an OIDC client would pass to Strivacity Fusion when a user wants to authenticate. |
| Auto Discovery | Enter any OIDC auto-discovery URL to enable Fusion to automatically configure this login provider from the Enterprise Identity Provider. |
| Authorization Endpoint | The Authorization Endpoint will be displayed here based on auto-configuration. |
| Token Endpoint | The Token Endpoint will be displayed here based on auto-configuration. |
| Issuer | Any Issuer information will be displayed here based on auto-configuration. |
| Userinfo Endpoint | The Userinfo Endpoint will be displayed here based on auto-configuration. |
| Scopes: OpenID | The default OpenID Connect scopes can be enabled or disabled. |
| Scopes: Extra | Any additional scopes can be added here. |
| Customer Data Handling | If you choose to synchronize and store any profile data at each login, Fusion will retrieve and store this information, which will be visible to the customer in the My Account page and to any Fusion Admins when managing the customer identity. |
6) Once completed, click the Save button. You will now be able to view the Claim Mappings tab, and edit and add any additional claims for this OIDC integration.
7) Once you've made any changes to Claim Mappings, you're ready to copy the Client ID and Client Secret from your third-party application, and paste the respective values into the Client ID and Client Secret fields. Click Save.
Fusion will use the User (Read) attributes of the customer's profile. If you choose to synchronize and store any account profile data at each login, Fusion will retrieve and store this information, which will be visible to the customer in the My Account page and to any Fusion Admins when managing the customer identity.
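The Auto Discovery field fills in the Issuer and endpoint fields from a document the identity provider publishes, so it is worth reviewing that document before saving. The following is an added example, not Fusion's own code: it applies the OpenID Connect Discovery rule that the published issuer must match the URL the document was fetched from, and checks that each endpoint is an https URL. The function name `check_discovery`, the `idp.example.com` and `api.example.net` hosts and the sample document are constructed for illustration.

```python
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint")
OPTIONAL = ("userinfo_endpoint",)  # validated only when the IdP publishes it


def check_discovery(discovery_url, document):
    """Return (errors, other_hosts) for an OIDC discovery document."""
    if not discovery_url.endswith(WELL_KNOWN):
        return [f"discovery URL must end with {WELL_KNOWN}"], []
    expected_issuer = discovery_url[: -len(WELL_KNOWN)]
    errors, other_hosts = [], []

    # The issuer in the document must be the URL the document was fetched
    # from; a trailing slash is dropped before the suffix is appended.
    issuer = document.get("issuer", "")
    if issuer.rstrip("/") != expected_issuer.rstrip("/"):
        errors.append(f"issuer {issuer!r} does not match {expected_issuer!r}")

    issuer_host = urlsplit(expected_issuer).hostname
    for key in REQUIRED + OPTIONAL:
        value = document.get(key)
        if value is None:
            if key in REQUIRED:
                errors.append(f"{key} is missing")
            continue
        parts = urlsplit(value)
        if parts.scheme != "https" or not parts.hostname:
            errors.append(f"{key} is not an https URL: {value!r}")
        elif parts.hostname != issuer_host:
            # Legitimate for some providers, but worth a look before saving.
            other_hosts.append((key, parts.hostname))
    return errors, other_hosts


# Constructed sample input, not captured from a real provider.
DISCOVERY_URL = "https://idp.example.com/tenant1" + WELL_KNOWN
SAMPLE = {
    "issuer": "https://idp.example.com",
    "authorization_endpoint": "https://idp.example.com/tenant1/authorize",
    "token_endpoint": "http://idp.example.com/tenant1/token",
    "userinfo_endpoint": "https://api.example.net/userinfo",
}

if __name__ == "__main__":
    print(check_discovery(DISCOVERY_URL, SAMPLE))
```

For the constructed sample, the check reports the issuer mismatch and the plain-http token endpoint as errors, and lists the userinfo endpoint's different host for manual review.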