Configuring OIDC Security Profiles

The OIDC provider must already be configured (see OIDC Provider Requirements). Before starting the configuration process, the Titania Delivery (TD) administrator needs the following information from the customer's OIDC provider.

  1. The issuer URL of the OIDC provider. (See Section 2 of the OpenID Connect 1.0 specification and your OpenID provider documentation.)

  2. The Client Id that is generated by the authorization provider when a client application is created by your OIDC system administrator.

    Note: Some providers allow Client Id values to be user-generated.

  3. The Client Secret, which is also generated by the provider when the client application is created.

  4. Any custom scopes required by the OIDC provider.

This section describes how to configure Titania Delivery as an OIDC Relying Party (client) with respect to an OIDC Provider. The process is semi-automated. Using the OIDC provider issuer URL and credentials, the system will request configuration metadata from the OIDC provider and store the client registration information.

  1. Go to, or create, a Titania Delivery Organization to add a new authentication system.
  2. Click Authentication Systems.
  3. In the Portal Authentication Systems page, click New in the OpenID Providers section.
    The OpenID Provider window will appear.
  4. In the Display Name field, enter a label for the OpenID provider. This label should be unique among all OpenID profiles on your TD platform, to avoid ambiguity when selecting a security profile for a portal.
  5. In the Issuer field, enter the issuer URL of your OIDC provider application.
  6. In the Client ID field, enter the Client Id created or generated when the client application was created by your OpenID system administrator.
  7. In the Client Secret field, enter the Client Secret generated when the client application was created by your OpenID system administrator.
  8. If your OIDC provider requires custom scopes to process an authorization request, enter them in the Custom scopes field, separated by spaces. Otherwise, leave this field blank. If present, custom scopes will be appended to the default scopes used for the OIDC protocol.
  9. Click the Save button.
    Note: The configuration process fails unless a valid metadata file is available at the well-known openid-configuration endpoint for the issuer URL.

Titania Delivery will display the newly created OpenID Connect provider in the Portal Authentication Systems window and will store the configuration information, dynamically updating the server configuration.

Note: If the configuration information needs to change, the Save button will update the existing OpenID configuration.
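
The note on step 9 makes the provider's discovery metadata a precondition for saving, so it can help to check that metadata before filling in the form. The following is an added example, not Titania Delivery code: it applies the rules of the OpenID Connect Discovery 1.0 specification, and which of these checks Titania Delivery itself performs is not documented here. The function names, the sample issuer and the sample metadata are constructed for illustration.

```python
import json
import urllib.request
from urllib.parse import urlsplit

# REQUIRED by OpenID Connect Discovery 1.0. token_endpoint is included on the
# assumption that a client holding a secret uses the authorization code flow.
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")

def discovery_url(issuer):
    # A trailing slash is removed before the well-known path is appended.
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def fetch_metadata(issuer, timeout=10):
    with urllib.request.urlopen(discovery_url(issuer), timeout=timeout) as resp:
        return json.load(resp)

def check_metadata(issuer, metadata, custom_scopes=""):
    """Return (errors, warnings) for a discovery document."""
    errors, warnings = [], []
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.netloc or parts.query or parts.fragment:
        errors.append("issuer must be an https URL with no query or fragment")
    # The document must name exactly the issuer that was configured; otherwise
    # it describes some other provider or tenant.
    if metadata.get("issuer") != issuer:
        errors.append("issuer mismatch: %r" % metadata.get("issuer"))
    for field in REQUIRED:
        if not metadata.get(field):
            errors.append("missing required field: " + field)
    for field in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        if metadata.get(field) and urlsplit(metadata[field]).scheme != "https":
            errors.append(field + " is not an https URL")
    # scopes_supported is optional and may be incomplete, so this only warns.
    advertised = metadata.get("scopes_supported")
    if advertised is not None:
        for scope in custom_scopes.split():
            if scope not in advertised:
                warnings.append("scope not advertised: " + scope)
    return errors, warnings

# Constructed sample: the issuer and endpoints below are placeholders.
ISSUER = "https://idp.example.com/tenant1"
SAMPLE = {
    "issuer": ISSUER, "authorization_endpoint": ISSUER + "/authorize",
    "token_endpoint": ISSUER + "/token", "jwks_uri": ISSUER + "/jwks",
    "response_types_supported": ["code"], "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
    "scopes_supported": ["openid", "profile", "email"],
}
```

To check a live provider, pass the result of fetch_metadata(issuer) to check_metadata together with the value intended for the Custom scopes field.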