OpenID ServerApp GetStarted - kmd-identity/documentation GitHub Wiki
Information needed to register your Server Application with KMD Identity using OpenID
- Specify a name for the Server Application. The recommended standard is: [ORGANIZATION] [PRODUCT] - [ENVIRONMENT]
- Examples:
- KMD Progress - local
- KMD Progress - dev
- KMD Progress - prod
- Examples:
- If the Server Application is authenticating end users:
- Specify one or more RedirectUris. A RedirectUri is the location a user is sent back to after authentication. It must match the redirect_uri specified in the Authorize request. RedirectUris are also used when a user logs out of your application. In that scenario it must match the post_logout_redirect_uri. RedirectUris must use HTTPS (ie. begin with "https://"). The only exception to this rule is a RedirectUri to localhost.
- Specify a LogoutURL for the Server Application. The LogoutURL will be called in an iframe whenever this Server Application or ANY other Server Application on KMD Identity logs out the user. This flow is often called Single Logout and ensures the user is logged off all applications when logging out from one single application.
- [Optionally] - Specify the identifier and scopes of an API for which the Server Application wants an access_token for. See audience and scopes in the API section for more information.
A ClientID and ClientSecret will be supplied to you from the KMD Identity team, which can be used to perform the Client Credentials Flow.