Triasweb OpenID application setup
Introduction
This article demonstrates how to set up HelloID and Triasweb for single sign-on using the OpenID protocol. The configuration takes place in HelloID and requires you to send information to Triaspect.
Introduction
HelloID environment
Triasweb environment
Create or import a certificate
If there is no certificate yet, you must create or import one. For this tutorial, we will create a self-signed certificate. Name it TriaswebSelfSigned
.
Application setup
Add the Triasweb application
Add a new application.
Find the template for Triasweb (OpenID).
Select its Add button.
General tab
Change the Default Login URL to your Triasweb environment's URL, in the format:
https://triasweb.nl/<customer>
Select the Next button.
Single Sign-On tab
Secret
Accept the default value, or enter a custom secret. If you use a custom value, we suggest a string of at least 52 characters.
Security Algorithm
hmac-sha256
Signing Certificate
Select the
TriaswebSelfSigned
certificate that you previously imported or created.Grant Type
Hybrid
Redirect URI
Enter the value provided by Triaspect, in the format:
https://portaal.triasweb.nl/<customer>/signin-oidc
Select the Next button.
Self Service tab
Optionally, generate a Self Service product, which makes the application requestable. Select a group which will have access to the product.
Select the Next button.
Finish tab
On the Finish tab, click Save to add the application to HelloID.
Supplier-side configuration
The HelloID side of the configuration is now finished. To connect, Triaspect needs to add the connection on their side. Contact them to request this. Send them the following information:
Discovery document URL
Client ID & Client Secret
Discovery document
Edit the newly-added Triasweb application.
Right-click the View discovery document button
Select Copy link. The link will look like this:
https://enyoi.helloid.com/oauth2/v2/e6e741f5-a469-4849-93f7-fe2e259a339f/.well-known/openid-configuration/
.
Client ID & Secret
Edit the newly-added Triasweb application.
Go to the Configuration tab.
Copy the Client ID.
Select the "eye" button to reveal the Secret, and copy the value.
Finish up
After you provide the discovery document and client ID & secret, Triaspect will add the configuration on their side. The application is now ready for use.
Go to the HelloID User Dashboard and launch the application. You should be authenticated into the application without being prompted for credentials.
You are now free to test the application and assign it to users within your organization. See Applications - Overview and its related articles for more information.