OIDC Provider setup
To allow apps or clients to log in using an OIDC Identity Provider, we must register an application with the IdP. The process might vary slightly from one IdP to another (refer to your IdP's documentation), but there are a few things in common.
- Callback URL: This will be the URL where Ory Polis receives the OIDC Authorization response. Make sure to set the full HTTPS URL obtained by concatenating the Ory Polis endpoint with the oidcPath env. The default value set for oidcPath in the Ory Polis service is /api/oauth/oidc.
- Client/Application ID: The OIDC Identity Provider will normally generate a unique identifier for the registered App. Make a note of this to be used later when creating the SSO connection with Ory Polis.
- Client Secret: Along with the Client ID, the IdP also generates a client secret which is used to authenticate the client while issuing tokens. Make a note of this to be used later when creating the SSO connection with Ory Polis.
Info: Since Ory Polis acts as a proxy between the app and the OIDC Identity Provider, the application/client here is Ory Polis.
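The Callback URL rule above as an added example (not Ory Polis code): it joins an endpoint with oidcPath, refuses anything that is not a clean HTTPS URL, and reports how a value registered at the IdP differs from the expected one. The function names and the example.com hosts are assumptions made for illustration.

```javascript
// Added example; names and sample hosts are constructed, not from Ory Polis.
const DEFAULT_OIDC_PATH = '/api/oauth/oidc'; // default value stated on this page

// Build the callback URL to register at the IdP: endpoint + oidcPath.
function buildCallbackUrl(polisEndpoint, oidcPath = DEFAULT_OIDC_PATH) {
  const base = new URL(polisEndpoint); // throws on a malformed endpoint
  if (base.protocol !== 'https:') {
    throw new Error(`callback URL must be HTTPS, got "${base.protocol}"`);
  }
  if (base.search || base.hash || base.username || base.password) {
    throw new Error('endpoint must not carry a query, fragment or credentials');
  }
  // Join without producing "//" and without dropping a path prefix.
  const prefix = base.pathname.replace(/\/+$/, '');
  const suffix = '/' + oidcPath.replace(/^\/+/, '');
  return base.origin + prefix + suffix;
}

// Many IdPs compare redirect URIs as exact strings, so report every
// difference between the expected value and the one typed into the IdP.
function diffRegistered(expected, registered) {
  if (expected === registered) return [];
  const e = new URL(expected);
  const r = new URL(registered);
  const problems = [];
  if (e.protocol !== r.protocol) problems.push('scheme');
  if (e.host !== r.host) problems.push('host');
  if (e.pathname !== r.pathname) problems.push('path');
  if (r.search || r.hash) problems.push('query-or-fragment');
  // Same after URL normalisation (e.g. host letter case) but not identical.
  if (problems.length === 0) problems.push('not-byte-identical');
  return problems;
}

// Constructed sample run.
const expected = buildCallbackUrl('https://polis.example.com/');
console.log(expected);
console.log(diffRegistered(expected, 'http://polis.example.com/api/oauth/oidc/'));
```
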