This shows you the differences between two versions of the page.

Link to this comparison view

protogrid:external_identity_provider [2022-04-27 21:39] (current)
dru created
Line 1: Line 1:
 +====== External Identity Provider ======
 +Instead of the default Protogrid login page, an external identity provider can also be configured for an Environment by means of OAuth 2.0 and Open ID Connect. In this case, Protogrid forwards unauthenticated users to an external login service. This service verifies the identity of the users (e.g. with multi-factor authentication or single sign-on) and, if successful, forwards the users back to Protogrid, where they are immediately granted access according to the fine-grained, Protogrid-internal permission management. For this purpose, based on the e-mail address supplied by the identity provider ('email' field in the ID token), the corresponding Protogrid User Card is located and the Protogrid Roles listed there take effect.
 +Our [[protogrid-support@ategra.ch|Protogrid experts]] will be happy to set up an external login page for your Environment. For this purpose, please provide the following information:
 +  * OpenID Connect Client Identifier
 +  * OpenID Connect Client Secret
 +  * OpenID Connect Server Metadata URL