External Identity Provider

Instead of the default Protogrid login page, an external identity provider can also be configured for an Environment by means of OAuth 2.0 and Open ID Connect. In this case, Protogrid forwards unauthenticated users to an external login service. This service verifies the identity of the users (e.g. with multi-factor authentication or single sign-on) and, if successful, forwards the users back to Protogrid, where they are immediately granted access according to the fine-grained, Protogrid-internal permission management. For this purpose, based on the e-mail address supplied by the identity provider ('email' field in the ID token), the corresponding Protogrid User Card is located and the Protogrid Roles listed there take effect.

Our Protogrid experts will be happy to set up an external login page for your Environment. For this purpose, please provide the following information:

  • OpenID Connect Client Identifier
  • OpenID Connect Client Secret
  • OpenID Connect Server Metadata URL