Tonos Care OpenID application setup
Introduction
This article demonstrates how to set up Tonos Care for single sign-on. The configuration takes place in HelloID and requires you to send information to Tonos Care.
Requirements
HelloID environment
Tonos Care environment
Application setup
Add the Tonos Care application
Add a new application.
Find the template for Tonos Care (OpenID Connect).
Select its Add button.
General tab
No changes on the General tab are required yet. After supplying the HelloID information to Tonos Care you will receive the correct default URL.
Select the Next button.
Single Sign-On tab
Secret
Accept the default value, or enter a custom secret. If you use a custom value, we suggest a string of at least 52 characters.
Redirect URI
By default both available Tonos Care environments are pre-filled. If you want to use the connection for only one environment, remove the other value.
Select the Next button.
Self Service tab
Optionally, generate a Self Service product, which makes the application requestable. Select a group which will have access to the product.
Select the Next button.
Finish tab
On the Finish tab, click Save to add the application to HelloID.
Additional configuration
By default, the user's HelloID {{user.contactEmail}} attribute is sent as the unique identifier. If you wish to use another attribute, see Mapping - Overview.
Please make sure the contents of the subject attribute is always the userGUID. If you change this mapping the single sign-on connection wont work.
Supplier-side configuration
The HelloID side of the configuration is now finished. To connect, Tonos Care needs to add the connection on their side. Contact them to request this. Send them the following information:
Discovery document URL
Client ID & Client Secret
Discovery document
Edit the newly-added Tonos Care application.
Right-click the View discovery document button
Select Copy link. The link will look like this:
https://enyoi.helloid.com/oauth2/v2/e6e741f5-a469-4849-93f7-fe2e259a339f/.well-known/openid-configuration/
.
Client ID & Secret
Edit the newly-added Tonos Care application.
Go to the Configuration tab.
Copy the Client ID.
Select the "eye" button to reveal the Secret, and copy the value.
After Tonos Care configured their side of the Single-Sign-On you will receive the application URL. Add this URL to the application configuration:
Open the Tonos Care application in HelloID.
Enter the given URL on the General tab.
Finish up
The Tonos Care application has been added to HelloID, and a trust has been configured between Tonos Care and HelloID.
You are now free to test the application and assign it to users within your organization. See Applications - Overview and its related articles for more information.