Appearance Profiles
In PAS you may configure the appearance of your authentication module via theme and localization configuration.
However, you may wish to use different appearances, languages and configurations in different circumstances (e.g. multitenancy).
This may be realized via appearance profiles -- a way to control which theme and language files are used when the web app is loaded.
How to configure
Appearance profiles may be configured inside the SAMLIDP, OIDC_OP and INTERNAL_AUTHENTICATION_ENDPOINTS configuration entities.
They use this configuration pattern:
| Property name | Description | Allowed/default values |
|---|---|---|
| theme | The id of the theme to use. If the file name is mytheme.json, the theme id is mytheme. |
String |
| localizationConfig | The localization configuration to use. See below for format. | A Json Object |
| use_if_expr | An expression that controls if the profile should be used or not. Available scope is context and request. | String |
The localizationConfig property
This is the configuration pattern for localizationConfig:
| Property name | Description | Allowed/default values |
|---|---|---|
| additionalTranslations | If any additional translation directories should be used. default for the configured languages is always included no matter what. |
List of strings |
| languageIds | List of language ids to use. Default is to use every available language that has either a default directory, or is included in additionalTranslations. |
List of strings |
Configuration example
The following example is how to configure an OpenID Provider so that it uses a specific theme and specific language settings when the relying party some-service is authenticating.
If some other service is using the OpenID provider, it defaults to another theme. There is an example that shows how to do it for a SAML IDP or Internal authentication endpoint as well, essentially its the same identical
configuration but for OIDC the appearanceProfiles configuration property resides within the config block.
"OIDC_OP" : [ {
"id" : "my_oidc_op_id",
"tenant" : "my_oidc_op_id",
"guide_ref" : "guides.oidc.op",
"config" : {
"appearanceProfiles": [
{
"theme": "my-service-specific-theme",
"localizationConfig": {
"additionalTranslations": ["my-other-translation-files"],
"languageIds": ["sv", "en", "fi"]
},
"use_if_expr": "context.requestIssuer.contains('some-service')"
},
{
"theme": "my-theme",
"localizationConfig": {
"additionalTranslations": ["my-other-translation-files"]
},
"use_if_expr": "true"
}
],
"authorization_endpoint": "https://localhost:8443/authentication/oidc/my_oidc_op_id/login",
...
}
}]
Example for SAML IDP:
"SAMLIDP" : [ {
"id" : "myidp",
"name" : "myidp",
"appearanceProfiles": [
{
"theme": "my-service-specific-theme",
"localizationConfig": {
"additionalTranslations": ["my-other-translation-files"],
"languageIds": ["sv", "en", "fi"]
},
"use_if_expr": "context.requestIssuer.contains('some-service')"
},
{
"theme": "my-theme",
"localizationConfig": {
"additionalTranslations": ["my-other-translation-files"]
},
"use_if_expr": "true"
}
], ...
}