Create an OIDC Connector

The OpenID Connect (OIDC) connector allows SigningHub to connect with any third-party authentication service that supports OIDC protocol such as Google and Azure Active Directory. This is a generic configuration so the "Auth URL" provided in the connector will be used for identifying the third-party service configured to authenticate the user both at the time of login and at the time of signing.

Create an OIDC connector:

From the left menu, click "Configurations".
Click "Connectors" .
From the top right corner of the connectors list, click .
The Add Connector dialog is displayed..

The Add Connector dialog is a step-wise wizard consisting of the following the steps for configuring the connector:

Basic Information
Details

On the Basic Information section:

4. Type in a unique Name for the connector.

5. Select "OIDC" in the Provider field.

6. Click Next.

The following image illustrates an example of information entered on the dialog.

On the Details section:

7. Specify the fields as required by the third-party service; leave the rest empty.

8. Click Finish.
The OIDC connector has been added and can be used in an authentication profile.

The following image illustrates the example information entered on the "Details" section of the dialog.

The following table describes the fields on the "Basic Information" section of this dialog.

Basic Information Section
Fields	Description
Name	Specify a unique name for this connector, i.e. My Google. This connector will be used in the configuration of Authentication Profiles.
Provider	Select the provider for this connector, i.e. "OIDC".
Purpose	This field will display the purpose of the selected provider above, i.e. the purpose of "OIDC" is "Authentication".
Active	Select to make this connector active. Keep the check box empty to make the connector In-active. An inactive connector cannot be configured in the Authentication Profiles.
Next	Displays the "Details" section.

The following table describes the fields on the "Details" section of this dialog.

Details Section
Fields	Description
Logo	Select an appropriate image in the jpeg, jpg, gif or png format for the connector's logo that will be displayed on the login screen.
Discover Document URL	Enter the "Discovery Document URL", OpenID Connect defines a discovery mechanism, called OpenID Connect Discovery, where an OpenID server publishes its metadata at a well-known URL, typically https://server.com/.well-known/openid-configuration This URL returns a JSON listing of the OpenID/OAuth endpoints, supported scopes and claims, public keys used to sign the tokens, and other details.
Auth URL	Enter the endpoint as provided by the third-party authentication server. For example, "https://accounts.google.com/o/oauth2/v2/auth" is for Google.
Client ID	Enter the registered client ID as provided by the third-party authentication server. By default, the text is masked with asterisks, you can click to view the entered text.
Client Secret	Enter the client secret as provided by the third-party authentication server. By default, the text is masked with asterisks, you can click to view the entered text.
Scope	REQUIRED OpenID Connect requests MUST contain the openid scope value. (its auto filled in field) add more parameters if needed like email, profile (seprated with empty space) OpenID Connect Clients use scope values to specify what access privileges are being requested for Access Tokens.
Access Token URL	Enter the endpoint as provided by the third-party authentication server for exchanging the authorization code for an access token. For example, "https://www.oauth2.googleapis.com/token" is provided by Google.
Finish	Creates a new connector using the information entered on the dialog.