OIDC fields - HxGN EAM - 12.1.0.1 - Feature Briefs - Hexagon

HxGN EAM SSO Configuration

Language
English
Product
HxGN EAM
Search by Category
Feature Briefs
HxGN EAM Version
12.1.0.1

There is a direct correlation between the OIDC fields on the SSO Configuration screen and the OIDC install parameters.

The OIDC install parameters will be deprecated with system upgrades.

The SSO Configuration screen supports both Authorization Code and ROPC OIDC configuration. For Authorization Code OIDC configuration, all three fields: Issuer, Client ID, and JWKS URI must be populated. For ROPC OIDC configuration, all three fields: ROPC Issuer, ROPC Client ID, and ROPC JWKS URI plus the Client Password and Token End Point fields must be populated. Populating Scope is optional.

OIDC Configuration

Field

Install Parameter

Issuer

The OpenID Connect ID token issuer.

OIDCISS

Client ID

The OpenID Connect Client ID.

OIDCCLNT

JWKS URI

The OpenID Connect JWKS URI.

OIDCJWKS

Password Grant

If the user selects the Password Grant check box, the system will set the ROPC Issuer, ROPC Client ID, ROPC JWKS URI, Client Password, and Token Endpoint fields as required.

ROPC Issuer

The OpenID Connect ID token issuer for ROPC.

ROPC Client ID

The OpenID Connect Client ID for ROPC.

ROPC JWKS URI

The OpenID Connect JWKS URI for ROPC.

Client Password

The OpenID Connect client password.

OIDCCLPW

Scope

The OpenID Connect scope to be passed in the request sent to the token end point.

OIDCSCOP

Token End Point

The OpenID Connect token end point.

OIDCTKEP

Authentication Endpoint

n/a

End Session Endpoint

n/a

OIDC Claims

Field

Install Parameter

Identity Claim

The name of the OpenID Connect ID token claim containing the unique identity information of the user.

OIDCIDNT

UPN Claim

The name of the OpenID Connect ID token claim containing the displayable user information (UPN/Identity2).

OIDCUPN

Role Claim

The name of the OpenID Connect ID token claim containing the role information.

OIDCROLE

Tenant Claim

The name of the OpenID Connect ID token claim whose value contains the tenant information.

OIDCTNT

Email Claim

The name of the OpenID Connect ID token claim containing the email address

OIDCEML

User Description Claim

The name of the OpenID Connect ID token claim containing the user description.

OIDCUSDS