This article shows how to make an OpenID connection to the SDB modules, using SDB Identity. The configuration takes place in HelloID and requires you to send information to SDB.
- HelloID environment
- SDB Identity supported module
Create or Import a Certificate
If there is no certificate yet, a certificate must be imported or created. This can be done in the HelloID Administrator Portal under Settings > Certificates. For this tutorial, we will use a self-signed certificate. Learn more about certificates here.
Add the SDB Identity Application
Create a new application in HelloID by navigating to Applications > Applications. Open the Application Catalogue and search for "SDB Identity". Find the OpenID template, and click Add. Learn more about managing applications here.
On the General tab, set the Default Login URL field to your SDB Identity environment URL. Click Next.
Single Sign-On tab
On the Single Sign-On tab, perform the following steps:
- Provide a value in the Secret field. Make sure this secret has no special characters. We suggest a string of at least 52 characters with uppercase, lowercase and numbers.
- In the Signing Certificate dropdown, select the certificate that you previously created or imported.
- Change the Redirect Uri to the redirect Uri provided by provided by SDB. For example:
- Click Next.
Self Service tab
On the Self Service tab, choose whether to automatically create a Self Service product, which makes the application requestable. This is optional. Click Next.
On the Finish tab, click Save to add the application to HelloID.
Make sure the correct user identifier is sent to SDB Identity. By default the contact email address is used. This can be changed when needed (on both sides). Learn more about configuring application mapping here.
SDB Identity configuration
In order to make the connection, SDB needs to add the connection on their side.
Send the following information to SDB:
- Client ID
- Client Secret
- Discovery document URL
After SDB sets up the connection, Single-Sign On configuration is complete and can be tested.
Client ID & Client Secret
Find these values on the Configuration tab of the application. Select the eye icon to view the secret.
Right-click the View discovery document button and copy its URL.