The Competence Group TCG Academy OpenID application setup
Introduction
This manual shows how to make an OpenID connection to TCG Academy. The configuration takes place in HelloID and requires you to send information to TCG.
Requirements:
HelloID environment
TCG Academy environment
Create or Import a Certificate
If there is no certificate yet, a certificate must be imported or created. This can be done in the HelloID Administrator Portal under Settings > Certificates. For this tutorial, we will use a self-signed certificate. Learn more about certificates here.
Application Setup
Add the TCG Academy Application
Create a new application in HelloID by navigating to Applications > Applications. Open the Application Catalogue and search for "TCG". Find the OpenID template, and click Add. Learn more about managing applications here.
General tab
On the General tab, replace the customer id {customer_id} in the Default Login URL field. Optionally, you may also add a description. Click Next.
Single Sign-on tab
On the Single Sign-On tab, perform the following steps:
Provide a value in the Secret field. This can be any value that you want, although we suggest a string of at least 52 characters.
Important: Make note of this value, as you will need to send it to TCG Academy later on.
In the Signing Certificate dropdown, select the certificate that you created or imported previously.
For the Redirect Uri, TCG will provide you with a customer specific Uri. This will probably look like the default value but with you organization name instead of {customer}.
Click Next.
Self service tab
On the Self Service tab, choose whether to automatically create a Self Service product, which makes the application requestable. This is optional. Click Next.
Finish tab
On the Finish tab, click Save to add the application to HelloID.
Additional Configuration
After adding the TCG Academy application, click its Edit link on the applications overview. This will bring you to its properties page. Right-click View discovery document at the right top of the screen and Copy link address. This is the URL that you need to provide to TCG.
Then click on the tab Configuration, you will find the Client ID at the top of the configuration. Copy this value to send to TCG later.
Click on the button Configure Mapping Set.
User Mapping
Make sure to use an attribute that is known in TCG as the Subject. This could be the user login name or the attribute employeeID.
Click Close and then click Save. The configuration of the HelloID application is finished.
TCG Academy Configuration
In order to make the connection, TCG support needs to add the connection on their side. Please contact TCG for further information. They will need at least the Client Secret, the Client ID and the location of the Discovery document. These are defined in the previous steps.
They will provide you with the correct Redirect Uri.