Knowledge Base

Open ID Connect

  • Updated

Higher Logic has an identity server that uses the OIDC (Open ID Connect) standard. The identity server can be used to set up a connection between your Higher Logic community and an external, third-party system (such as an AMS/CRM database, an LMS, or a custom mobile app).

When that connection has been set up, you can then use single sign-on (SSO) to link the systems and simplify member log-in activities. For example, your members can log in to your community and then, by virtue of being logged in, easily log in to your LMS without having to specify their log-in credentials because their identity has already been authenticated.

Create an OIDC client

To use the Higher Logic identity server, you have to create and configure an OIDC client.

  1. In the Admin Toolbar, click Admin.

Toolbar-Admin.png

  1. Navigate to Settings > Integration > OIDC Authentication.

NAV.png

NOTE: If OIDC Authentication is not in your navigation menu, create a case with Higher Logic Support.

  1. On the OIDC Client list page, click the plus sign icon to the right of the page title to open the wizard and create an OIDC client.

TIP: As you work through the wizard, you can return to any of the previous panels by either clicking Back until you reach the panel or clicking the panel title in the left navigation.

OIDC client wizard

This process takes you through the set-up wizard panels for the Advanced option. If you choose a different option, the series of panels might be different.

Advanced-wizard.png

NOTE: Be sure to complete all fields on all panels in order to ensure that your OIDC client is properly configured; some of the fields cannot be edited after the client is created.

On the Select Client Type panel:

  • Select Advanced from the dropdown and click Continue.

On the Advanced Client Setup panel:

  • In the dropdown, select Web Application, and then specify a name for the client and provide a description of its purpose.
  • Click Continue.

On the Client Credentials panel:

  • Select and copy the client_id and client_secret; paste and save them to a secure location.
  • Click Continue.

On the Assign Required Security Groups panel:

  • Optionally, designate which (if any) Security Groups will control cross-application SSO access.
  • Click Continue.

On the Select Scopes panel:

  • Select the scopes that you want to use to control the client's access to authenticated-member data.
  • Click Continue.

On the Set redirect_uris panel:

  • Click (+) Add to specify a redirect URI in the format shown.
  • Click (+) Add to input additional URIs.
  • Click Continue.

On the Refresh Tokens panel:

  • Check the box to enable the use of refresh tokens as described on the panel.
  • Click Continue.

On the Review and Submit panel:

  • Review the summary of your client configuration.
  • You can return to any panel to make changes.
  • Be sure to copy the client_secret now if you didn't do so while on the Client Credentials panel.
  • Click Finish.

The set-up wizard completes.

On the OIDC Client Management list page:

  • click X to close the confirmation message and
  • verify that your new client is listed.

Manage your OIDC clients

On the OIDC Client list page, you can manage your clients as described below.

  • Click a client to select it; its configuration properties display in the flyout Preview Panel. You can click the client row again to close the Preview Panel.

Management actions

With a client selected, click More and then click:

  • Example Requests to open a dialog with sample code for GET and POST requests.
  • Edit Client to open a dialog where you can change some of the client's properties and settings. Click Submit Changes to save any changes or click the X in the title bar to discard your changes and close the dialog.
  • Delete Client to delete the selected client. On the confirmation prompt, click Delete Client to complete the action or click the X in the title bar to close without deleting.

Manage Secrets

You can manage a client's secrets on the Manage Client Secrets page by clicking:

  • the Manage Secrets button or
  • one of the n Secrets links, as shown.

Manage-Secrets_3-options.png

On the Manage Client Secrets page, you can click:

  • a secret to select it and then click Delete. On the confirmation prompt, click Delete to complete the action (or click Cancel).

Manage-Secrets-dialog_2-options.png

  • the plus sign icon to the right of the page title to create a secret. Be sure to copy the secret and save it to a secure location.

New-Secret.png

Click the X in the upper right to return to the OIDC Client list page.

Was this article helpful?
0 out of 0 found this helpful
Return to top

Can’t find what you’re looking for?

Create a Case Call US Support