search
Adaptiva.comSupport

Create OIDC Provider

circle-info

You can only configure single sign-on (SSO) in an on-premises Adaptiva Server. This does not apply to our SaaS solution.

You can configure Single Sign-On (SSO) to the Adaptiva Admin Portal using OIDC (OpenID Connect). This allows you to federate users and assign them roles in the Adaptiva Server.

Below are some OIDC Provider specific guides:

hashtag
Enable Single Sign-on using OIDC

Before enabling OIDC in the Admin Portal, verify that your IAM provider supports OpenID Connect and TLS is enabled (by default) on your Adaptiva server.

  1. Log in to the Adaptiva Server as a Super Admin user.

  2. Select the gear in the upper right, and then navigate to Settings > Security > OIDC Providers.

  3. Select +New to open a new OIDC Providers settings page, and then configure the following General Settings:

    1. Enter a Name (such as Entra ID or Okta ID) for the OIDC Provider, and then add a detailed Description.

    2. (Optional) Add a logo for the OIDC provider.

  4. Scroll down to OIDC Settings and add the details provided by the OIDC Provider (Entra, Okta, DUO):

    • Authority - The base URI provided by the OIDC provider.

    • Client ID - The client ID given to the Adaptiva server when registered with the provider.

    • Client Authentication Type - The type of client authentication the Adaptiva server should send to the identity provider when requesting ID Tokens.

      • None - Select none if you are using build 9.2 or earlier.

      If your Adaptiva Server is using build 9.3 or later, add the Client Secret that you received from the Identity Management administrator:

      • Private key (JWT)

      • Client Secret (JWT)

      • Client Secret (Post)

    1. Enter the Client Secret into the respective field.

    2. Client Secret - The client secret used by Adaptiva server to authenticate with OIDC provider.

    3. Click Save.

hashtag
Create new Administrator account

After creating the OIDC Provider, register users as Administrators using the following steps:

  1. Log in to the Admin Portal as a Super Admin.

  2. Select the > Settings > Security > Administrators.

  3. Click +New and create an Administrator account.

  4. Select the Admin Type dropdown menu, and select OpenID Connect.

  5. Enter the email address for the user you are creating. The system uses this address to send an email invitation to the user, and to match the user with their IAM service identity.

  6. Click the Identity Provider drop-down and select the provider (Entra, Okta, DUO).

  7. Enter the first and last name of the user in the User Details section and add any additional information as needed.

  8. In the Direct Roles section, click Browse. Select the appropriate role(s) for the administrator and click OK.

  9. Select Save.

  10. Select the More dropdown and click Invite to send an invitation email to the user. Refer to the account activation for information on what the invite user will see. If they do not accept the invitation in 24 hours, you will need to send a new invite.

hashtag
Register new account

After receiving the invitation email, the user can complete the account registration using the following steps:

  1. Select Register Account in the email. This takes the user to the IAM service login page.

circle-info

If the user is not already logged in, the IAM prompts them to log in.

  1. Open a new session of the Admin Portal. The login screen now lists the new OIDC Provider.

  2. Select the new login selection to log into the portal using your IAM credentials.

PreviousSecurity and Access ControlNextCreate SAML Provider

Last updated

Was this helpful?