The Adaptiva Server supports using OIDC to log in with your IAM account. You may use Microsoft Entra ID (formerly Azure Active Directory) as shown in the example below.
Before enabling OIDC on an Adaptiva Server, verify the following items:
- IAM provider supports OpenID Connect.
- Adaptiva OneSite Admin Portal can be accessed using a URL from a browser.
- TLS is enabled (by default). The URL begins with https://.
- Adaptiva Server is upgraded to 9.1 or later.
Create an App Registration for your Adaptiva Server using the steps below.
Note
If using an IAM service other than Microsoft Entra, follow the directions from the provider to register Adaptiva as an IAM service tenant.
- Sign in to Microsoft Azure as a Global Admin.
- Enter App Registration in the Search field on the top of the Welcome to Azure! dialog, and then select App registrations from the modal dialog that appears.
- Select New Registration.
- Enter a user-friendly Name for the application you are creating.
  Tip
  If you begin the name with Adaptiva, the application will always appear at the top of an alphabetically sorted list of applications.
- Set up the URIs:
  - Select Select a platform, and then select Single-page application (SPA).
  - Enter the Adaptiva OneSite Admin Portal URL as shown in the following example:
    https://AdaptivaServerFQDN[:PORT]/
    The <AdaptivaServerFQDN[:PORT]> is the name and port used to log into the Adaptiva OneSite Admin Portal.
- Select Register.
- After creating the Adaptiva Server app registration, add another URI. A pair of URIs is required for every FQDN used to access the Adaptiva OneSite Admin Portal.
  - Expand Manage in the left-side pane, and then select Authentication.
  - Select Add URI in the Single-page application section to add the second URL:
    - Enter the Adaptiva OneSite Admin Portal URL as shown in the following example:
      https://AdaptivaServerFQDN[:PORT]/oidc-redirect/registration
      The <AdaptivaServerFQDN[:PORT]> is the name and port used to log into the Adaptiva OneSite Admin Portal.
  - If the server is accessed using other names besides the AdaptivaServerFQDN, create a pair of URIs for each name you use.
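Added example (not Adaptiva's or Microsoft's code): a Python check that derives the pair of redirect URIs this procedure requires for each portal name and compares them with the URIs listed in the app registration, reporting both missing entries and entries no current name accounts for. The host names, port, and registered list are constructed sample values, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

REGISTRATION_PATH = "oidc-redirect/registration"  # second URI of each pair, from the page


def redirect_uri_pair(portal_name):
    """Return the two SPA redirect URIs required for one FQDN[:PORT] portal name."""
    parts = urlsplit("https://" + portal_name)
    if not parts.hostname or parts.username or parts.path or parts.query or parts.fragment:
        raise ValueError(f"expected FQDN[:PORT], got {portal_name!r}")
    _ = parts.port  # raises ValueError when the port is not a valid number
    base = f"https://{parts.netloc.lower()}/"
    return [base, base + REGISTRATION_PATH]


def audit_redirect_uris(portal_names, registered_uris):
    """Compare the app registration's redirect URIs with what the portal names need.

    Returns (missing, unexpected): URIs still to add per portal name, and
    registered URIs that no listed portal name accounts for.
    """
    registered = set(registered_uris)
    expected = set()
    missing = {}
    for name in portal_names:
        pair = redirect_uri_pair(name)
        expected.update(pair)
        gaps = [uri for uri in pair if uri not in registered]
        if gaps:
            missing[name] = gaps
    unexpected = sorted(registered - expected)
    return missing, unexpected


# Constructed sample data: two names used to reach the portal, and the redirect
# URIs currently listed under the Single-page application section.
PORTAL_NAMES = ["adaptiva01.corp.example", "onesite.corp.example:8443"]
REGISTERED = [
    "https://adaptiva01.corp.example/",
    "https://adaptiva01.corp.example/oidc-redirect/registration",
    "https://onesite.corp.example:8443/",
    "https://adaptiva-old.corp.example/",  # left over from a retired name
]

if __name__ == "__main__":
    missing, unexpected = audit_redirect_uris(PORTAL_NAMES, REGISTERED)
    for name, uris in missing.items():
        print(f"{name}: add {', '.join(uris)}")
    for uri in unexpected:
        print(f"review or remove: {uri}")
```

Redirect URIs that no longer correspond to a name in use are worth removing from the app registration, since each one is a location the IAM service will still return sign-in responses to.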
After creating and configuring the app registration for the IAM service, gather the details required to complete the integration in the Adaptiva OneSite Admin Portal.
- Select Overview in the left-side pane.
- Record the Application (client) ID and the Directory (tenant) ID.
- Continue to Create an OIDC Provider.

- Log in to the Adaptiva OneSite Admin Portal as a Super Admin.
- Select on the upper right, and then navigate to Settings > Security > OIDC Settings.
  This opens the OIDC Providers workspace.
- Select +New to open a new OIDC Providers template, and then configure the following General Settings:
  - Enter a client-facing Name (such as Azure ID, Entra ID, or Okta ID) for the OIDC Provider, and then add a detailed Description.
  - Select the Enabled toggle to enable (default) or disable the use of the OIDC provider login field on the Admin Portal login page.
  - (Optional) Add a logo for the OIDC provider.
    Note
    For best results, upload a square PNG logo file that is 65px by 65px.
- Scroll down to OIDC Settings and add the details provided by the Global Admin:
  - Enter the tenant ID in the Authority field. For Entra, the tenant ID is a URL such as the following:
    https://login.microsoftonline.com/<tenantID>/v2.0
  - Enter the Application (client) ID in the Client ID field.
- Create and Invite a User to complete the user registration.
After completing the setup, register users as Adaptiva Administrators using the following steps:
- Log in to the Admin Portal as a Super Admin.
- Select the , and then navigate to Settings > Security > Administrators.
- Select +New to open the Administrator template.
- Create an Administrator account in the open template, using the following steps:
  Note
  A red asterisk next to a field name indicates a required field.
  - Add the following admin details in the Administrator Details section:
    - Select the Admin Type dropdown menu, and then select OpenID Connect.
    - Enter the email address for the user you are creating. The Admin Portal uses this address to send an email invitation to the user, and to match the user with their IAM service identity.
    - Select Browse under OIDC Provider, and then select the OIDC Provider you created.
  - Enter the first and last name of the user in the User Details section. Include any additional information on the user as needed.
  - Select Save.
- Select the More dropdown menu, and then select Invite to send an invitation email to the user. Refer to the account activation for information on what the invited user will see.
After receiving the invitation email, the user can complete the account registration using the following steps:
- Select Register Account in the email. This takes the user to the IAM service login page.
  - If the user is not already logged in, the IAM prompts them to log in.
  - The IAM login allows the Adaptiva Service to receive the credentials provided to them and log the user into Adaptiva OneSite Admin Portal automatically.
- Log out of the Admin Portal, and then relaunch the portal from your browser.
  The Adaptiva Login screen now lists the new login selection for the IAM service.