Key Concepts
Authentication Type
OIDC (OpenID Connect): An identity layer built on top of OAuth 2.0. It allows clients to verify the identity of users and retrieve basic profile information in a secure, standardized way.
Identity Provider Type
Own: Use this option when setting up a connection to your own company's Identity Provider. This is typically selected to enable internal users to log in using their corporate credentials.
Redirect URL
This is the URL to which the Identity Provider (IdP) redirects users after successful authentication. It typically includes an endpoint where the authentication token is passed. The URL is usually predefined and must be registered in your IdP configuration.
Metadata URL
A special URL that provides configuration information for your IdP. It contains the public keys and endpoints required for secure communication and trust between systems. This URL should always end with: /.well-known/openid-configuration
Identity Provider (IdP)
An Identity Provider (IdP) is a system that authenticates users and verifies their identity. It acts as a gatekeeper, allowing only verified users to access specific resources.
IdP Data
IdP Data includes user credentials and the rules governing access, such as usernames, passwords, roles, and permissions. This data is essential for authenticating users and enforcing security policies.
Provider ID
The Provider ID is the user ID specific to the Identity Provider being used. This ID varies depending on the IdP:
Configure Your Identity Provider (IdP)
This involves entering your Metadata URL, Client ID, and Client Secret, which are critical for authenticating your users.
Navigate to Technical Setup → Identity Provider Configuration → Add Identity Provider
Select:
Authentication Type: OIDC
Identity Provider Type: Own
After creating the IdP entry, configure the connection details for your company's IdP.
Provide:
Your Metadata URL
Your Client ID and Client Secret from your OpenID instance (Azure, Keycloak, etc.)
Register the redirect URL in your OpenID instance (without the wildcard)
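As an added example (not Cofinity-X code), the following Python checks the values entered in this step before they are saved: the Metadata URL ends in the discovery suffix and uses https, the discovery document served at that URL names an issuer that matches the URL and exposes the required https endpoints, and the redirect URL contains no wildcard. The discovery document below is a constructed sample; its field names follow the OIDC Discovery specification, and the hostnames are placeholders.

```python
import json
from urllib.parse import urlparse

DISCOVERY_SUFFIX = "/.well-known/openid-configuration"
REQUIRED_KEYS = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")

# Constructed sample discovery document (placeholder hostnames, not a real IdP),
# shaped like what Azure or Keycloak serve at the Metadata URL.
SAMPLE_DISCOVERY = json.dumps({
    "issuer": "https://idp.example.com/realms/corp",
    "authorization_endpoint": "https://idp.example.com/realms/corp/protocol/openid-connect/auth",
    "token_endpoint": "https://idp.example.com/realms/corp/protocol/openid-connect/token",
    "jwks_uri": "https://idp.example.com/realms/corp/protocol/openid-connect/certs",
    "id_token_signing_alg_values_supported": ["RS256"],
})


def check_metadata_url(metadata_url: str) -> list[str]:
    """Return problems with the Metadata URL; an empty list means it is acceptable."""
    problems = []
    parsed = urlparse(metadata_url)
    if parsed.scheme != "https":
        problems.append("metadata URL must use https")
    if not parsed.path.endswith(DISCOVERY_SUFFIX):
        problems.append(f"metadata URL must end with {DISCOVERY_SUFFIX}")
    return problems


def check_discovery_document(metadata_url: str, document: str) -> list[str]:
    """Cross-check the document served at the Metadata URL against the URL itself."""
    problems = check_metadata_url(metadata_url)
    conf = json.loads(document)
    for key in REQUIRED_KEYS:
        if key not in conf:
            problems.append(f"discovery document is missing {key}")
    # OIDC Discovery: the Metadata URL is <issuer> + suffix, so the issuer must match.
    if metadata_url.endswith(DISCOVERY_SUFFIX):
        expected_issuer = metadata_url[: -len(DISCOVERY_SUFFIX)].rstrip("/")
        if conf.get("issuer", "").rstrip("/") != expected_issuer:
            problems.append(f"issuer does not match metadata URL prefix {expected_issuer!r}")
    for key in REQUIRED_KEYS[1:]:
        if key in conf and not str(conf[key]).startswith("https://"):
            problems.append(f"{key} is not https")
    return problems


def check_redirect_url(redirect_url: str) -> list[str]:
    """The redirect URL is registered literally at the IdP: no wildcard, https only."""
    problems = []
    if "*" in redirect_url:
        problems.append("redirect URL must be registered without the wildcard")
    if urlparse(redirect_url).scheme != "https":
        problems.append("redirect URL must use https")
    return problems
```

Run the three checks against the values you are about to enter; an empty list from each means the configuration is internally consistent, though it does not prove the Client ID and Client Secret are correct.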
Last Step: Connect Your User Profile
You need to link your Cofinity-X user account to your IdP by entering your IdP User ID (also referred to as Provider ID in Azure).
Retrieving the Provider ID from Cofinity-X (Azure Example):
To retrieve your Provider ID from Cofinity-X:
Log out from your current account
Log in using your newly created IdP within the Cofinity-X Portal
Complete the Azure login if prompted
After successful login, a screen will display your username. This is your Provider ID.
Add Users Manually
Once your IdP is correctly set up, you can add users.
Currently, role synchronization is not supported. All users must be added manually after IdP setup.
If you have any questions or require additional support, feel free to reach out to us at [email protected].