How to set up:
Access the https://<yourenvironment>/OIDC application and click the "Add App" button to add a new OIDC app configuration.
On the next page you can copy the "Sign In" and "Logout" redirect URLs that are needed to configure the OIDC application on your identity provider. Once configured, you will need to fill in the form:
App Name: Name of the application configuration to identify the configuration to be used at runtime.
ClientId: the value of the ClientId that was given by your Identity Provider.
Authentication Mode: Proof Key for Code Exchange (PKCE) or Authorization Code. If the value is set to Authorization Code, you will also need the Client Secret provided by your identity provider.
OIDC Configuration URL: URL of the identity provider's .well-known/openid-configuration document.
Username Claim: Name of the claim that will be used as the Username of the user in the OutSystems Users table.
Response Mode: How the identity provider should reply (Post or Redirect).
Auto Provision Users: If enabled, users will be created in the Users table on their first login if they don't exist.
Use OIDC Customization Code: If enabled, the component will execute the custom logic of the OIDC Customization component.
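A pre-flight check of the identity provider's discovery document against the values you plan to enter in this form. This is an added example, not part of the OIDC component; the function name, the sample document and the mapping of "Post" to form_post are assumptions.

```python
from urllib.parse import urlparse

# Constructed sample of an IdP discovery document (not from a real provider).
SAMPLE_DISCOVERY = {
    "issuer": "https://idp.example.com",
    "authorization_endpoint": "https://idp.example.com/authorize",
    "token_endpoint": "https://idp.example.com/token",
    "jwks_uri": "https://idp.example.com/jwks",
    "end_session_endpoint": "https://idp.example.com/logout",
    "response_modes_supported": ["query", "form_post"],
    "code_challenge_methods_supported": ["S256"],
    "claims_supported": ["sub", "email", "preferred_username"],
}

SUFFIX = "/.well-known/openid-configuration"
ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")


def preflight(config_url, doc, auth_mode, response_mode, username_claim):
    """Return a list of problems; an empty list means the settings look consistent."""
    problems = []
    # OIDC Discovery: the issuer must equal the configuration URL minus the suffix.
    if not config_url.endswith(SUFFIX):
        problems.append("configuration URL does not end with " + SUFFIX)
    elif doc.get("issuer", "").rstrip("/") != config_url[: -len(SUFFIX)].rstrip("/"):
        problems.append("issuer does not match the configuration URL")
    for name in ENDPOINTS:
        if urlparse(doc.get(name, "")).scheme != "https":
            problems.append(name + " is missing or not https")
    if auth_mode == "PKCE" and "S256" not in doc.get("code_challenge_methods_supported", []):
        problems.append("IdP does not advertise PKCE with S256")
    # Assumption: the form's "Post" corresponds to response_mode=form_post.
    modes = doc.get("response_modes_supported", ["query", "fragment"])
    if response_mode == "Post" and "form_post" not in modes:
        problems.append("IdP does not advertise response_mode form_post")
    # claims_supported is optional metadata, so only check when present.
    claims = doc.get("claims_supported")
    if claims is not None and username_claim not in claims:
        problems.append("username claim '%s' not in claims_supported" % username_claim)
    # Assumption: the Logout URL relies on the IdP's end_session_endpoint.
    if "end_session_endpoint" not in doc:
        problems.append("no end_session_endpoint: IdP logout may not be available")
    return problems
```

Load the real document from your OIDC Configuration URL into `doc` and resolve every reported problem before saving the form.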
After saving the form, you will get to a review page with the configurations saved for the OIDC application.
How to use:
In the On Exception action (Interface > UIFlows > Common > OnException), use Public_OIDC/Get_Authorization_URL from the OIDC (OIDC Client) module.
(Alternatively, use this action on your custom login page.)
Where:
AppName = the name of the application configured on the OIDC Client component.
OriginalURL = the link to which the user is redirected after login. You can choose the home screen or use GetBookmarkableURL() for a better user experience; in a Reactive Web app, make sure you use the GetBookmarkableURL() value retrieved on the client side.
ErrorURL = optional parameter: the URL of an anonymous page to use when a custom error page needs to be displayed. It can receive the following parameters: 'error', 'error_description', and 'error_uri'.
Replace the existing flow with the one displayed below:
Get_Authorization_URL.URL is the output URL built by the OIDC component to make the authentication request (based on the Authorization endpoint defined in your OIDC application).
Note: Auto User Provision is used if you want a user who has not been created yet in the OutSystems users database table to be created when accessing the application for the first time.
How to get the Auth Token:
Use the AuthorizationHeader output variable from Get_AuthorizationToken (OIDC component) for your REST API calls (it returns a “Bearer XXXXXX” string to use directly).
For the Logout flow:
On the UserInfo block (Interface > UIFlows > Common > UserInfo) use Get_Logout_URL (defined on the OIDC component) and implement the same logic.
To map Roles and Groups into the OutSystems Identity Provider, you must customize the login flow using Custom_User_Check (OIDCCustomization) and then, after creating the roles on the OutSystems side, match them against the Claims returned. With this logic, you'll be able to add the user to groups or assign roles to the user before the user is logged into the application.