About
Warning
This authenticator is a legacy authenticator. It is recommended to plan for migrating the authenticator to the new protocol agnostic authenticator architecture. More information about the legacy authenticators can be found here.
OpenID Connect is a simple identity layer on top of the OAuth 2.0 protocol. It allows Clients to verify the identity of the End-User based on the authentication performed by an Authorization Server, as well as to obtain basic profile information about the End-User in an interoperable and REST-like manner. PhenixID authentication Server supports implicit and authorization code flows.
Some of the parameters are shared across authenticators. Instead of duplicating they are stated here.
Shared parameters
| Name | Description | Default value | Mandatory |
|---|---|---|---|
| redirectTemplate | If reqired, a template redirecting user to location after successful authentication | N/A | No |
| allowedRP | Array of allowed RP calling this authentcator. Add RP like '["rp1","rp2"]' | [] | Yes |
| requireConsent | Should user give consent prior to redirecting after successful authentication | false | No |
| consentTemplate | Template showing consent | oidcconsent | No |
| errorTemplate | Template showing error | error.template | No |
| alwaysRunPipe | Always run pipe (even when session was authenticated before). | false | No |