We are now using the IdP forge component in combination with Azure EntraId on O11.
This component used more than 40 AOs.
Can we replace this with this forge component?
Hi @Raymond Vermeer,
The IdP forge component uses the SAML 2.0 protocol.
The OIDC Client, as the name implies, uses the OpenId Connect protocol instead.
Both components allow for the integration with an external identity provider, albeit each one using a different protocol as explained above.
My understanding is that Azure EntraId supports both SAML 2.0 and OpenId Connect. However, you will need a new configuration on the EntraId side to use the OIDC client component.
Both components offer similar experiences although they do not have the same capabilities (for example, the OIDC component does not perform automatic group mapping of group claims and IdP does if configured).
It is up to you to evaluate both options and decide to use the one that better fits your use case.
Regards,
Thank you for clearing this out. Just a few more questions:
Hi @Raymond Vermeer,
Both IdP and OIDC client have a flag that can be turned on and off to enable the auto creation of users upon the first login.
Regarding Group Mapping, when using the OIDC client component, you will need to add your custom group mapping logic using the OIDC Customization application.
Regards,