Skip to main content

HelloID

The Competence Group TCG Academy OpenID application setup
Introduction

This manual shows how to make an OpenID connection to TCG Academy. The configuration takes place in HelloID and requires you to send information to TCG.

Requirements:

  • HelloID environment

  • TCG Academy environment

Create or Import a Certificate

If there is no certificate yet, a certificate must be imported or created. This can be done in the HelloID Administrator Portal under Settings > Certificates. For this tutorial, we will use a self-signed certificate. Learn more about certificates here.

Application Setup
Add the TCG Academy Application

Create a new application in HelloID by navigating to Applications > Applications. Open the Application Catalogue and search for "TCG". Find the OpenID template, and click Add. Learn more about managing applications here.

mceclip0.png
General tab

On the General tab, replace the customer id {customer_id} in the Default Login URL field. Optionally, you may also add a description. Click Next.

mceclip1.png
Single Sign-on tab

On the Single Sign-On tab, perform the following steps:

  1. Provide a value in the Secret field. This can be any value that you want, although we suggest a string of at least 52 characters.

    Important: Make note of this value, as you will need to send it to TCG Academy later on.

  2. In the Signing Certificate dropdown, select the certificate that you created or imported previously.

  3. For the Redirect Uri, TCG will provide you with a customer specific Uri. This will probably look like the default value but with you organization name instead of {customer}.

  4. Click Next.

mceclip2.png
Self service tab

On the Self Service tab, choose whether to automatically create a Self Service product, which makes the application requestable. This is optional. Click Next.

Finish tab

On the Finish tab, click Save to add the application to HelloID.

mceclip3.png
Additional Configuration

After adding the TCG Academy application, click its Edit link on the applications overview. This will bring you to its properties page. Right-click View discovery document at the right top of the screen and Copy link address. This is the URL that you need to provide to TCG.

mceclip4.png

Then click on the tab Configuration, you will find the Client ID at the top of the configuration. Copy this value to send to TCG later.

mceclip0.png

Click on the button Configure Mapping Set.

User Mapping

Make sure to use an attribute that is known in TCG as the Subject. This could be the user login name or the attribute employeeID.

Click Close and then click Save. The configuration of the HelloID application is finished.

TCG Academy Configuration

In order to make the connection, TCG support needs to add the connection on their side. Please contact TCG for further information. They will need at least the Client Secret, the Client ID and the location of the Discovery document. These are defined in the previous steps.

They will provide you with the correct Redirect Uri.

In this section: