Speaking of providers...
This feature allows you to register providers that will be used to log in to Identity. You can register providers such as Google, Facebook, Linkedin, or others, so that authentication occurs through users' accounts in these applications.
There is the possibility of creating the user at the first login, but the creation of users by the company administration in the Users menu remains as usual.
See the providers list
01. Click the 
Settings icon in the upper-right corner and click the Security option.
02. In the left menu, activate the Provider Registration option.
When clicking this option, a list is displayed with the providers registered in the company. You can copy the link from the provider's URL, edit the provider, or delete it if necessary.
Register provider
01. Click the Settings icon in the upper-right corner and click the Security option.
02. In the left menu, activate the Provider Registration option.
03. Click the Register new provider button
04. In the Provider step, add the required information.
Provider
The provider options are: Google, Facebook, or Linkedin (not generic), or generic (custom server).
Provider Name
Name to be displayed on the login screen.
If a non-generic provider is included, the following fields are required:
Application Identifier in Provider (ClientId)
ClientId is the provider identifier generated on Linkedin, Facebook, or Google.
Application Password in Provider (ClientSecret)
ClientId is the password generated by the provider itself.
Self-registration
Indicates whether user can be created at first login, or whether only users created via the Users menu will be able to authenticate.
If a generic provider is included, the next steps need to be completed.
05. Click Save to complete the registration of the non-generic provider, or click Next to proceed with the registration of the generic provider.
06. In the Application Data step, add the required information and click Next.
Application Identifier in Provider (ClientId)
ClientId is the provider identifier you want to use.
Application Password in Provider (ClientSecret)
ClientId is the password generated by the provider itself.
Self-registration
Indicates whether the user can be created at first login, or whether only users created via the Users menu will be able to authenticate.
Scopes
Scopes are routes that providers use, for example: e-mail address, username. Each provider has its own scope and usually documents this so that the user can consult it when registering.
TIP!
When logging in, you can see the request coming from your provider by looking at F12 on your browser, so you can get the exact parameters you need to fill in.
07. In the Protocol Information step, add the required information and click Next.
Protocol type
It can be OIDC or OAUTH2. If it is OAUTH2, you need to register the URI with the user information by the provider.
Flow used for authentication (GrantType)
It can be Authorize or Implicit. By default, providers use Authorize, more specific cases use Implicit, but in this case, it needs to be indicated in the provider's documentation.
08. In the Provider endpoints step, add the required information and click Next.
Get User Information from ISP
When this option is checked, it always calls the provider's /me, even though it is OIDC.
Auth URL
Primary address to initiate authorization.
URI of token exchange with Provider (TokenURI)
It is the address to exchange the code for an access token (internally).
URI with Provider certificates (JWKS)
Certificate providing URI.
URI with user information by Provider
It's the /me address. Required when there is no such information coming from the IDToken (when the flow occurs through OAuth2 without OIDC).
URI with user's email
This field is only required in a very specific case where the email is not in the profile.
09. In the Authentication search information step, add the required information and click Next.
Provider parameter that contains the Token ID or Access Token
Provider parameter with Access Token
If there is already a Token ID in the request and accessToken is still required for any call to the provider.
Variable with user name
Contained in the Token ID or /me response.
Variable with user's last name
Contained in the Token ID or /me response.
Variable with full user name
Contained in the Token ID or /me response.
Full name ID
If the Token ID or /me only contains the variable that contains the FullName, without the FirstName and LastName.
User email
If the email is not contained in the Token ID or /me response.
10. In the Security Validators step, include the required information.
Default token issuer
Token issuer. Value set by the provider.
Default token receiver
Token recipient, usually populated with the ClientId of the application in the provider.
11. Click Save to complete the provider registration.
After adding the new provider, the Identity login screen will present a button with the name of the provider, so that authentication with the user's account is allowed in the configured application.
Edit provider
01. Click the Settings icon in the upper right corner and click the Security option.
02. In the left menu, activate the Provider Registration option.
03. Locate the provider you want to edit and click the 
Edit environment.
The target provider data will open so that the information can be consulted and changed.
For generic providers, the information to be changed is the same as the provider registration, according to Register provider item in this documentation.
For non-generic providers (Google, Facebook or Linkedin), only the ClientId and ClientSecret can be changed.
04. Click Save to save changes.
Copy the link from the provider URL
01. Click the Settings iconn the upper-right corner and click the Security option.
03. Locate the provider you want to copy the link to and click the 
Copy URL button.
When clicking this button, the link to access the provider is copied to the clipboard, so that the registration with the provider can be performed.
Delete provider
01. Click the Settings icon in the upper right corner and click the Security option.
02. In the left menu, activate the Provider Registration option.
03. Locate the provider that you want to delete the link to and click the 
Delete environment button.
After deleting the provider, the button with the provider name will be deleted from the Identity login screen.
Visão Geral
Import HTML Content
Conteúdo das Ferramentas
Tarefas