OpenID Connect configuration example
OpenID Connect is an open standard, decentralized authentication protocol in which participating sites, known as relying parties (RPs), delegate authentication to a third-party service, so users can log in to multiple unrelated websites with a single identity and password. OpenID Connect is an identity layer on top of the OAuth 2.0 protocol that lets web-based, mobile, and JavaScript clients request information about authenticated end users.
The following example shows a configuration for the OpenID Connect authentication service provider.
"open_id_connect": [
  {
    "authentication_mode": "Passive",
    "client_id": "<CLIENT_ID>",
    "client_secret": "<CLIENT_SECRET>",
    "authority": "<AUTHORITY>",
    "get_claims_from_user_info_endpoint": false,
    "metadata_address": "<METADATA_ADDRESS>",
    "max_age": "<MAX_AGE>",
    "signed_out_redirect_uri": "<URL>",
    "authentication_method": "<AUTHENTICATION_METHOD>",
    "response_mode": "<RESPONSE_MODE>",
    "response_type": "<RESPONSE_TYPE>",
    "prompt": "<PROMPT>",
    "email_claim_type": "<CLAIM_TYPE_OVERRIDE>",
    "external_user_creation_url": "https://www.registerme.com",
    "is_enabled": true,
    "messages": {
      "signIn": "T_translationKey",
      "signInDescription": "T_translationKey",
      "signInTitle": "T_translationKey"
    },
    "provider_name": "OpenIDConnect",
    "username_claim_type": "<CLAIM_TYPE_OVERRIDE>",
    "clear_default_scope": false,
    "scope": [
      "<CUSTOM_SCOPE>"
    ]
  }
]
The OpenID Connect specification includes many properties. You can find more information about these properties and their implementation in the official OpenID Connect, OAuth 2, or .NET OpenID Connect specifications.
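A pre-deployment review of one `open_id_connect` entry can be scripted. The following is an added example, not code from the product: `lint_provider`, the finding texts, and the sample values are constructed for illustration, and the meaning given to `clear_default_scope` is an assumption based on its name.

```python
import json
from urllib.parse import urlparse

# Keys from the configuration above whose values are URLs.
URL_KEYS = ("authority", "metadata_address", "signed_out_redirect_uri",
            "external_user_creation_url")

def is_placeholder(value):
    return isinstance(value, str) and value.startswith("<") and value.endswith(">")

def lint_provider(entry):
    """Return review findings for one entry of the open_id_connect array."""
    findings = [f"{k}: placeholder not replaced"
                for k, v in entry.items() if is_placeholder(v)]
    for key in URL_KEYS:
        value = entry.get(key, "")
        if value and not is_placeholder(value) and urlparse(value).scheme != "https":
            findings.append(f"{key}: not an https URL")
    # Discovery metadata served from a host other than the authority needs review.
    hosts = {urlparse(entry.get(k, "")).hostname for k in ("authority", "metadata_address")}
    hosts.discard(None)
    if len(hosts) > 1:
        findings.append("metadata_address: host differs from authority")
    # Per the OAuth 2.0 / OIDC response types, "token" puts an access token in the redirect.
    if "token" in entry.get("response_type", "").split():
        findings.append("response_type: access token returned through the browser")
    # Assumption: clear_default_scope=true drops the default scopes, so the
    # "openid" scope that OIDC requires has to be listed explicitly.
    if entry.get("clear_default_scope") and "openid" not in entry.get("scope", []):
        findings.append("scope: openid missing while clear_default_scope is true")
    return findings

# Constructed sample, not a real deployment.
SAMPLE = json.loads("""
{"open_id_connect": [{
  "client_id": "portal-web",
  "client_secret": "<CLIENT_SECRET>",
  "authority": "https://idp.example.test",
  "metadata_address": "http://idp.example.test/.well-known/openid-configuration",
  "response_type": "id_token token",
  "clear_default_scope": true,
  "scope": ["profile"]
}]}
""")

if __name__ == "__main__":
    for finding in lint_provider(SAMPLE["open_id_connect"][0]):
        print(finding)
```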