You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: content/en/docs/marketplace/platform-supported-content/modules/oidc.md
+9-24Lines changed: 9 additions & 24 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -985,11 +985,17 @@ For all versions of the OIDC SSO module, once you have created the microflow (fo
985
985
If your microflow is not correctly implemented you will be told that **Authentication failed!** and will see errors in the log under the OIDC log node.
986
986
{{% /alert %}}
987
987
988
-
### Using Deep Links
988
+
### Configuring Login Redirection
989
989
990
-
If end-users who use the deeplink do not yet have a session in your app, the deeplink can trigger the SSO process. If successful, the end-user will be automatically redirected back to the deeplink.
990
+
This section describes how to configure the application's `login.html` page to initiate authentication using the OIDC SSO module. By default, the Mendix login.html page does not automatically start the OIDC authentication flow. To enable users to sign in with an OIDC identity provider, you can configure the login page to either automatically redirect users to the identity provider or allow users to choose between local authentication and OIDC SSO.
991
991
992
-
For more information on using Deep Link module (with Mendix 8 and 9), see the [Using Deep Link Module](#using-deep-link) section below.
992
+
#### Automatic Redirection
993
+
994
+
To enable authentication using the OIDC SSO module, replace the default `login.html` with the content of `login-with-mendixsso-automatically.html` (located in the `resources\mendixsso\templates` folder) and save it as `login.html`. Use this option when all users should be directly redirected to the OIDC Identity Provider.
995
+
996
+
#### Manual Redirection
997
+
998
+
For manual redirection, you can use the same method for automatic redirection above and add an onclick event to a button that manually triggers the SSO login. Use this option when users should choose between login in using local credentials and login via OIDC SSO.
993
999
994
1000
#### Using Page and Microflow URLs with OIDC SSO{#page-microflow-url}
995
1001
@@ -1008,27 +1014,6 @@ For more information, see the [Migrating to Page and Microflow URLs](/appstore/m
1008
1014
Starting from Studio Pro 10.9.0, you can use the primitive parameters as **Query string** parameters in microflows. Check the checkbox in the parameter table to configure a microflow parameter to use as a **Query string** parameter.
1009
1015
For more information, see the [URL](/refguide/microflow/#url) section of the *Microflow Properties*.
1010
1016
1011
-
##### Steps for OIDC SSO Version v4.1.0 and above
1012
-
1013
-
In OIDC SSO version 4.1.0 and above, you do not have to enable anonymous users. You can disable this setting by navigating to **Security > Anonymous users** and setting **Allow anonymous users** to **No**. However, from version 4.5.0 of the module, this role has been removed from the module.
1014
-
1015
-
1. To use the Page URL functionality, replace the content of `login.html` with the content of `login-with-mendixsso-automatically.html` (located in the `resources\mendixsso\templates` folder) and save it as `login.html`.
1016
-
1017
-
2. To implement the SSO redirection, you will need to replace the code in the `<script>` tag of your login page (for example, `login.html`) with code which does one of the following, depending on whether you want automatic or manual redirection:
1018
-
1019
-
* For automatic redirection, you can use `window.onload` to automatically redirect users to the SSO login page. You could, for example, use the following code:
* For manual redirection, you can use the same code above and add an onclick event to a button that manually triggers the SSO login.
1029
-
1030
-
Once the above changes are applied, end users can directly navigate to the desired page. If not logged in, they will be redirected to the IdP login page for authentication. After successful login, they will be directed to the desired page using page and microflow URLs.
0 commit comments