Setting up Argus to work with an external OpenID Provider - Authorization Code Flow
Defining new OpenID Provider
To define a new OpenID provider, use the /authentication/v1/openid/provider endpoint:
curl -X POST -H "Argus-API-Key: my/api/key" -H "Content-Type: application/json" https://api.mnemonic.no/authentication/v1/openid/provider -d '{
  "customer": "mycustomer",
  "shortName": "myprovider",
  "name": "My ADFS Provider",
  "clientID": "argusClient",
  "secret": "myClientSecret",
  "responseType": "code",
  "jwksURI": "https://my.provider/.well-known/jwks.json",
  "providerURI": "https://my.provider/oidc/authorize",
  "tokenURI": "https://my.provider/oidc/token",
  "issuer": "https://my.provider",
  "claimsMapping": {
    "userName": "user"
  }
}'
This setup is similar to the Implicit Flow above, with these differences:
- You need to specify the tokenURI.
- You need to specify responseType: code.
- You need to provide a client secret, typically set when defining the Argus client in the ID provider. Argus uses this secret when it exchanges the authorization code for tokens at the token endpoint.
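A pre-flight check for a provider definition before it is posted, followed by the standard token request in which the client secret is used. This is an added example, not Argus code: `check_provider`, `token_request`, the rule that every field is required, the callback URL, and HTTP Basic client authentication are all assumptions of the example.

```python
import base64
from urllib.parse import quote_plus, urlencode, urlsplit

# Treating every field in the request body above as required is an
# assumption of this example, not documented Argus behaviour.
BASE_FIELDS = ("customer", "shortName", "name", "clientID", "responseType",
               "jwksURI", "providerURI", "issuer")
URI_FIELDS = ("jwksURI", "providerURI", "tokenURI", "issuer")

def check_provider(defn):
    """Return a list of problems in a provider definition (empty list = OK)."""
    problems = [f"missing {f}" for f in BASE_FIELDS if not defn.get(f)]
    if defn.get("responseType") == "code":  # the code-flow differences
        problems += [f"responseType 'code' requires {f}"
                     for f in ("tokenURI", "secret") if not defn.get(f)]
    for f in URI_FIELDS:
        if defn.get(f):
            parts = urlsplit(defn[f])
            if parts.scheme != "https" or not parts.netloc:
                problems.append(f"{f} must be an absolute https URL")
    if not (defn.get("claimsMapping") or {}).get("userName"):
        problems.append("claimsMapping.userName is not set")
    return problems

def token_request(defn, code, redirect_uri):
    """Build the RFC 6749 section 4.1.3 request a relying party sends to tokenURI."""
    # Assumption: the client authenticates with HTTP Basic; a provider may
    # instead expect client_id and client_secret in the form body.
    if defn.get("responseType") != "code" or check_provider(defn):
        raise ValueError("definition is not usable for the authorization code flow")
    creds = f"{quote_plus(defn['clientID'])}:{quote_plus(defn['secret'])}".encode()
    headers = {
        "Authorization": "Basic " + base64.b64encode(creds).decode(),
        "Content-Type": "application/x-www-form-urlencoded",
    }
    body = urlencode({"grant_type": "authorization_code", "code": code,
                      "redirect_uri": redirect_uri})
    return defn["tokenURI"], headers, body

# Constructed sample: the definition shown on this page.
SAMPLE = {
    "customer": "mycustomer", "shortName": "myprovider",
    "name": "My ADFS Provider", "clientID": "argusClient",
    "secret": "myClientSecret", "responseType": "code",
    "jwksURI": "https://my.provider/.well-known/jwks.json",
    "providerURI": "https://my.provider/oidc/authorize",
    "tokenURI": "https://my.provider/oidc/token",
    "issuer": "https://my.provider", "claimsMapping": {"userName": "user"},
}
```

The secret appears only in the back-channel request to tokenURI, never in the browser redirect to providerURI, which is why the check insists on an https token endpoint.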