SDB Identity OpenID application setup
Introduction
This article shows how to make an OpenID connection to the SDB modules, using SDB Identity. The configuration takes place in HelloID and requires you to send information to SDB.
Requirements
HelloID environment
SDB Identity supported module
Create or Import a Certificate
If there is no certificate yet, a certificate must be imported or created. This can be done in the HelloID Administrator Portal under Settings > Certificates. For this tutorial, we will use a self-signed certificate. Learn more about certificates here.
Application Setup
Add the SDB Identity Application
Create a new application in HelloID by navigating to Applications > Applications. Open the Application Catalogue and search for "SDB Identity". Find the OpenID template, and click Add. Learn more about managing applications here.
General tab
On the General tab, set the Default Login URL field to your SDB Identity environment URL. Click Next.
Single Sign-On tab
On the Single Sign-On tab, perform the following steps:
Provide a value in the Secret field. Make sure this secret has no special characters. We suggest a string of at least 52 characters with uppercase, lowercase and numbers.
In the Signing Certificate dropdown, select the certificate that you previously created or imported.
Change the Redirect Uri to the redirect URI provided by SDB. For example:
https://{customer}.sdbidentity.nl/signin-oidc-18
Click Next.
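One way to produce and check a value for the Secret field that meets the guidance above (at least 52 characters, only uppercase, lowercase and numbers). This is an added example, not HelloID or SDB code; the function names are hypothetical, and it assumes the secret is generated on a trusted admin workstation.

```python
import math
import secrets
import string

# Alphabet allowed by the guidance above: uppercase, lowercase and digits only.
ALPHABET = string.ascii_uppercase + string.ascii_lowercase + string.digits
MIN_LENGTH = 52  # minimum length suggested for the Secret field


def check_secret(candidate: str) -> list:
    """Return the rule violations; an empty list means the secret conforms."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    if any(ch not in ALPHABET for ch in candidate):
        problems.append("contains characters outside A-Z, a-z, 0-9")
    for name, group in (("uppercase", string.ascii_uppercase),
                        ("lowercase", string.ascii_lowercase),
                        ("digit", string.digits)):
        if not any(ch in group for ch in candidate):
            problems.append(f"no {name} character")
    return problems


def generate_secret(length: int = MIN_LENGTH) -> str:
    """Draw from the OS CSPRNG, retrying until all three classes are present."""
    if length < MIN_LENGTH:
        raise ValueError(f"length must be at least {MIN_LENGTH}")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not check_secret(candidate):
            return candidate


def entropy_bits(length: int = MIN_LENGTH) -> float:
    """Entropy of a uniformly random string of this length over ALPHABET
    (the class requirement removes only a negligible fraction of strings)."""
    return length * math.log2(len(ALPHABET))


if __name__ == "__main__":
    print(generate_secret())
    print(f"about {entropy_bits():.0f} bits of entropy")
```

Use `check_secret` on an existing value before pasting it into HelloID; a non-empty result lists what to fix.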
Self Service tab
On the Self Service tab, choose whether to automatically create a Self Service product, which makes the application requestable. This is optional. Click Next.
Finish tab
On the Finish tab, click Save to add the application to HelloID.
Additional Configuration
Mapping
Make sure the correct user identifier is sent to SDB Identity. By default, the contact email address is used. This can be changed when needed (on both sides). Learn more about configuring application mapping here.
SDB Identity configuration
Request SSO
In order to make the connection, SDB needs to add the connection on their side.
Send the following information to SDB:
Client ID
Client Secret
Discovery document URL
After SDB sets up the connection, the Single Sign-On configuration is complete and can be tested.
Client ID & Client Secret
Find these values on the Configuration tab of the application. Select the eye icon to view the secret.
Discovery document
Right-click the View discovery document button and copy its URL.