Clients are applications that require Identity Server to provide Open Authentication logins. In our case, this might be another Perspective product such as Enterprise BI Portal or Data Governor.
A client application needs to be configured to talk to the Identity Server via an agreed upon set of information, that needs to be configured on the Identity Server.
Once a client configuration has been configured, the client application can be provided the necessary information, and start communicating.
- To create a client, open the Identity Server.
- Click on ‘Click here to administer Identity Server, you will be required to login’ on the homepage.
- Click on ‘Clients’ from the left hand menu or the center tiles.
- Here you can see the list of existing clients, where you can view update or delete.
- Click the ‘New’ button from the top right to create a new client.
- Record the ‘Client Id’ and ‘Secret’, you will require these when configuring your client application.
- Enter a name for your client application, this is just a friendly name for your own reference under ‘Client Name’.
- Enter the URL to your client, followed by a trailing forward slash under ‘Client Uri’.
- Enter the URL where the user should be redirected to, once they have logged out of your application under ‘Post Logout Redirect Uri’.
- Complete one or more redirect URLs under ‘Redirect Uri’. You should add the URL from ‘Client Uri’, along with any other URLs where a sign in request may originate from.
- Optionally choose whether users must consent to logging in to this client application.
- If you have configured more than one authentication provider, you can limit which authentication providers are available for this client application.
- You can optionally change various token lifetime values as desired.
Token lifetime values require a solid understanding of Open Authentication token flows, otherwise you may cause your application to become unavailable to your users.
- Click ‘Save’ once finished.
- You should now see your client in the client list. It is now ready for use by your client application.