What is it?
OpenID Connect (OIDC) is an authentication layer that extends the OAuth 2.0 authorization framework. Where SAML SSO is meant for larger organization using enterprise solutions such as Active Directory, OIDC is meant for connections to an Authorization Server to provide basic profile information. Some common Authorization Servers include:
- Apple
- Google Workspace
- Microsoft
- WordPress (with the OpenID Connect Server plugin installed).
Google Workspace is an example of a platform that works as Authorization Server for OIDC. It is also possible for WordPress sites to act as an Authorization server.
What information do I need to know?
There are five pieces of information that you will need to know to configure OIDC with CollaborNation.
- Client ID - This is an identifier that you would make within your system for the connection with CollaborNation.
- Client Secret - This is a secret phrase that is shared between the two systems.
- Authorization URL - A Web page that the authorization server uses to provide a grant between the two systems
- Token URL - A Web page that the authorization server uses to generate an access or refresh token for a service.
- User Info URL - A Web page that the authorization server uses to provide information about a user.
Once configured within CollaborNation you will receive a Redirect URL which you will then input back into the OIDC service.
In many systems, the Client ID and Client Secret are unique to an individual organization, where as the other three URLs are specific to a given system. For example, in Google Workspace you may use URLs look like:
- Authorization URL - https://accounts.google.com/o/oauth2/auth
- Token UR - https://oauth2.googleapis.com/token
- User Info URL - https://openidconnect.googleapis.com/v1/userinfo
What does it mean if I add OIDC to my site?
Adding an OIDC Connection to your site makes it easier for your learners to log into your site. Rather than than having to remember a password they will click a button on the login page that will let them sign in with their OIDC credentials.
How do I add this info to my CollaborNation site?
CollaborNation allows Site Admins to add a new OpenID Connection through a page on Admin Tools.
From this page you you will see a page that lists the current connectors, and a button to create a new a connector.
Once added, you will use copy the OAuth Redirect URL for this connector and set that in the configuration for your OIDC server where you obtained the Client ID and Client Secret.
We also provide the OAuth Hash URL in case you would like to include a URL that will start the authorization process to log into CollaborNation in something like an email or text message.