Creating a connection to the AuthID OIDC service requires configuration in two different areas: AuthID's backend and the identity provider of your choosing. This page will cover the steps and options for creating an integration within AuthID, along with examples of popular identity providers you can integrate with.
Start by logging into the Identity Portal and navigate to the OpenID integration blade of the menu:
From here you will be presented with a list of any existing integrations. You can add a new one by clicking the blue Add integration button on the right hand side of the page. When creating a new integration, you will be presented with a blank set of options as seen below:
- Name: name of the integration
- Display Name: display name of the integration
- Access Token Lifetime: length of time that the access token is considered valid
- Enabled: enables or disables the integration
- Allow biometry self enrollment: allows a user to enroll their biometrics immediately upon application enrollment
- Login type: sets the identifier for a user within the identity provider and within AuthID's backend. Can be set to phone number, email, or username. See the screenshot of the experience using a phone number:
- Self enrollment flow: sets the modality of enrollment to occur either within the existing browser session or via an email link
- Verification flow: sets the modality of verification to occur either within the existing browser session or via an email link
- Login Redirect Urls: URLs used by the identity provider to handle login callbacks
- Logout Redirect Urls: URLs used by the identity provider to handle logout callbacks
After creating this integration, you will be presented with a Client ID and Client secret. These values will be used when configuring the identity provider connection in the next sections, and the Identity Portal does not save these values. Be sure to copy them or store them in your application if using the API endpoints.