OpenId Connect Authentication

Available on paid plans

You can configure Ginc Radar to be a OIDC client to authenticate users

Configuring OpenId Connect Authentication

To configure OpenId Connect Authentication:

  1. On the left sidebar, at the top, select Admin Panel.

  2. Select Settings → OIDC.

  3. Provide configuration data for oidc client

  4. Save changes

The next time the user attempts to log in, a button will appear to authenticate via provided authentication server.

Notes

  1. Redirect URL to use on your OIDC provider: ${EXTERNAL_URL}/api/login/oauth2/code/${INTEGRATION_TITLE_IN_LOWER_CASE}

  2. It is recommended to restart Ginc Radar every time you change an existing Jwks Uri. This is due to cache limitations in the internal security libraries and will be fixed in a future release.

Special cases

Username selection

Username of the authenticated user is taken from the "preferred_username" field.

Username is not in the internal database

If username is not in the internal database, a new user with minimal access rights will be created.

Username is in the internal database

If username is in the internal database, the existing user will be authenticated.