OpenID Integration
  • Updated on 13 Mar 2018
  • 1 minute to read
  • Print
  • Dark
    Light

OpenID Integration

  • Print
  • Dark
    Light

Warning: This will require appropriate technical resources on the clients side to be able to implement. We recommend making sure you have someone from your organization with experience available to streamline the process.  Our support team is available to help, but may not be not be able to answer questions or solve problems that are unique to your company.
Note: Accounts created before the following module is installed will need to be updated before using single sign on. Please contact support on how to update the account.

OpenID is an open standard and decentralized authentication protocol. Users create accounts by selecting an  OpenID identity provider, and then use those accounts to sign onto any website which accepts  OpenID authentication.
Basic configuration:
Install OpenID module.
2018-03-19_154904-3.png

2018-03-19_154948-2.png

Note: to install Module in Decisions please read the following  document .
A prompt will pop-up to restart Service Host Manager
2018-03-19_155023-2.png

Navigate to System and Restart Instance
2018-03-19_155139-2.png

Locate the OpenID Settings in System>Settings and select the Enabled checkbox
2018-03-19_155737-1.png

2018-03-19_160200-1.png

Add a new identity provider in the Identity Providers section
2018-03-19_160247-1.png

Only four fields need to be filled.
2018-03-19_160330.png

ForIdP Name choose any name for this configuration
Get the values of Client ID , Client Secret , and Discovery URL (Authority) from your identity provider. The Discovery URL usually ends with ".well-known/openid-configuration ".

Select OK to finish creating this identity provider. Be sure it is selected as your Primary Identity Provider in OpenID Settings. Select Save .
2018-03-19_161517.png

Be sure the information given to your identity provider is correct. Many IdPs have a whitelist of redirect URIs. It may be necessary to add "http:///decisions/Login.aspx " to this list. The required information may change between different IdPs.

Final step is to navigate to Settings.xml by "C:\Program Files\Decisions\Decisions Services Manager "

2018-03-19_1622341.png

Use a search tool to locate EnableSingleSignOn to true and restart.
2018-03-19_162620.png

If there is an active session, it might be logged in with a non-OpenID account. Log out or start a fresh session and this should redirected to the identity provider. Once the identity provider has accepted the credentials, it will redirect back to Decisions and logged in with the OpenID account.

Was this article helpful?