Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

Single sign-on (SSO) is a way to log in only once and access different applications using the same login details. It is convenient, efficient and secure. You just need to change the password once and not have to worry about updating it across other applications. 



Default value ""

Client ID provided by Identity Provider. If it is not present, the SSO functionality is disabled.


Default value ""

Provide the Base URL to the associated Identity Provider. Read access is required for the /.well-known/openid-configuration file to acquire the relevant Provider Configurations.

Default value ""

The name of the provider needs to be Azure if it is used and groups are returned as uids.


Default value "roles"

Path in ID Token or UserInfo object to find an array of users Access groups as defined by the Access Controller, separated with a dot (.).
The groups should be an array of Strings.
Here the groups array is inside and object.
{ myObject : { myGroups : [ "myGroup1", "mygroup2" ] } }
The path should then be:
groupPath: myObject.myGroups
When the group's array is direct under UserInfo then groupPath is just the name of the group's array.



Available authentication methods are CLIENT_SECRET_BASIC and PRIVATE_KEY_JWT



Default value ""

This property sets the relevant Client Secret. Needs to be encrypted.

You need to add the following values to the OIDC provider


as redirect URLs:

The following properties are mandatory when PRIVATE_KEY_JWT is used as an authentication method: