Using OIDC Discovery with Identity Providers


OpenID Connect (OIDC) has become a popular standard for identity verification, enabling seamless user login experiences across various applications. At the heart of OIDC’s flexibility and ease of integration is the OIDC Discovery mechanism, which simplifies the process of integrating with different Identity Providers (IdPs).

Specifically, this guide should provide some insight into how to add a "Log in with Banno" option.

One of the key benefits of using OpenID Connect (OIDC) for authentication is the ability to leverage identity tokens to gain valuable information about your users. This profile information can enhance user experience, provide personalized services, and improve the overall functionality of your application. For more details on this, see our guide on Mapping Customer Identities to Existing System IDs.

Prerequisites

In order to get the most out of this guide, you should already be familiar with your specific Identity Provider service.

Identify your environment’s discovery endpoint.

Providers

Amazon Cognito

See Amazon Cognito for more information and documentation for their platform.

  1. Define a new user pool
  2. Select Federated identity providers for the provider type - then select OpenID Connect (OIDC) for the sign-in option
  3. Add your client id and client secret
  4. Choose a setup method to retrieve OpenID Connect endpoints - we suggest using Auto fill through issuer URL in order to utilize the /oidc/.well-known/openid-configuration endpoint
  5. Map any OIDC claims to your user pool attributes (e.g. phone number, username, account details, etc.)
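
The issuer-URL setup in step 4 depends on the discovery document being trustworthy, so it is worth checking that document before relying on it. The following is an added example, not code from this guide or from Amazon Cognito: it builds the discovery URL from an issuer URL and checks the returned metadata against the requirements of OpenID Connect Discovery 1.0. The host idp.example.com and both sample documents are constructed placeholders.

```python
from urllib.parse import urlsplit

# Metadata fields OpenID Connect Discovery 1.0 marks as REQUIRED.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")
ENDPOINTS = ("authorization_endpoint", "token_endpoint",
             "userinfo_endpoint", "jwks_uri")


def discovery_url(issuer):
    """Build the discovery URL from an issuer URL (trailing slash removed)."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"


def check_discovery(issuer, doc):
    """Return a list of problems found in a discovery document; empty means OK."""
    problems = [f"missing required field: {k}" for k in REQUIRED if k not in doc]
    # The issuer in the document must be identical to the configured issuer
    # URL; a mismatch means the metadata describes a different provider.
    if doc.get("issuer") != issuer:
        problems.append(f"issuer mismatch: {doc.get('issuer')!r}")
    for key in ENDPOINTS:
        url = doc.get(key)
        if url is None:
            continue  # optional endpoint not advertised
        parts = urlsplit(url)
        if parts.scheme != "https" or not parts.netloc:
            problems.append(f"{key} is not an https URL: {url}")
    # The specification requires RS256 to be listed for ID token signing.
    algs = doc.get("id_token_signing_alg_values_supported", [])
    if "RS256" not in algs:
        problems.append("RS256 not offered for ID token signing")
    return problems


# Constructed sample documents (idp.example.com is a placeholder host).
ISSUER = "https://idp.example.com/oidc"
GOOD = {
    "issuer": ISSUER,
    "authorization_endpoint": ISSUER + "/auth",
    "token_endpoint": ISSUER + "/token",
    "jwks_uri": ISSUER + "/jwks",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}
BAD = dict(GOOD, issuer="https://idp.example.com",
           jwks_uri="http://idp.example.com/oidc/jwks")
```

In practice `doc` would be the parsed JSON fetched over TLS from `discovery_url(issuer)`; a non-empty result from `check_discovery` is a reason to stop the integration and investigate before exchanging any tokens.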

Last updated Wed Jun 19 2024