OIDC Server Configuration

Specific guides

We have specific configuration instructions for the following Auth Software:

  • Keycloak Configuration

  • Ory Hydra Configuration

  • Dex Configuration

If you are using another OIDC provider, no problem, keep reading.

Generic Guide

Here are the key takeaways for configuring your OIDC provider.

  • Create an OpenID Connect client with Standard Flow, AKA Authorization Code flow. It's the default setting.

  • Disable client authentication (public client). We don't want to rely on a client secret; it would be instantaneously leaked by your SPA.

  • In the configuration of the client, you only need a single valid redirect URI. Assuming that the home of your app is https://my-app.com, you would set https://my-app.com/oidc-callback.htm. If your app is hosted under a sub path like https://my-app.com/dashboard, use https://my-app.com/dashboard/oidc-callback.htm. You may also want to add http://localhost:/oidc-callback.htm for local development.

  • Valid post logout redirect URIs: same as the valid redirect URIs.

  • Web Origins: http://my-app.com, http://localhost:5173
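
The checklist above can be checked mechanically before a client goes live. This is an added example, not code from the project this page documents: the client field names are hypothetical and provider-neutral, the sample client is constructed, and it goes slightly beyond the text by flagging wildcard or extra redirect URIs.

```javascript
// Field names (publicClient, standardFlow, redirectUris,
// postLogoutRedirectUris, webOrigins) are hypothetical, not a provider schema.

// Derive the values the guide asks for from the app's home URL.
function expectedFor(homeUrl) {
  const u = new URL(homeUrl);
  // Sub path hosting: https://my-app.com/dashboard -> /dashboard/oidc-callback.htm
  const base = u.pathname.endsWith("/") ? u.pathname : u.pathname + "/";
  return {
    redirectUri: u.origin + base + "oidc-callback.htm",
    webOrigin: u.origin, // scheme + host + port only, never a path
  };
}

// Return a list of findings for one client configuration.
function auditClient(client, homeUrls) {
  const findings = [];
  if (!client.standardFlow) findings.push("authorization code flow is disabled");
  if (!client.publicClient)
    findings.push("client authentication is enabled (confidential client)");
  const allowed = new Set();
  for (const home of homeUrls) {
    const want = expectedFor(home);
    allowed.add(want.redirectUri);
    if (!client.redirectUris.includes(want.redirectUri))
      findings.push("missing redirect URI " + want.redirectUri);
    if (!client.postLogoutRedirectUris.includes(want.redirectUri))
      findings.push("missing post logout redirect " + want.redirectUri);
    if (!client.webOrigins.includes(want.webOrigin))
      findings.push("missing web origin " + want.webOrigin);
  }
  // Wildcards or extra entries widen where authorization codes can be sent.
  for (const uri of client.redirectUris)
    if (uri.includes("*") || !allowed.has(uri))
      findings.push("unexpected redirect URI " + uri);
  return findings;
}

// Constructed sample: confidential client, wildcard redirect, path in origin.
const sampleClient = {
  publicClient: false,
  standardFlow: true,
  redirectUris: ["https://my-app.com/*"],
  postLogoutRedirectUris: ["https://my-app.com/dashboard/oidc-callback.htm"],
  webOrigins: ["https://my-app.com/dashboard"],
};
console.log(auditClient(sampleClient, ["https://my-app.com/dashboard"]));
```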
