OpenID Connect#
The integration of OpenID Connect, a layer built on top of OAuth 2.0, allows the Critical Manufacturing Security Portal to establish a login session using a RESTful HTTP API to provide user identity and authentication on top of the OAuth 2.0 framework while allowing OAuth to access protected resources. All this while using a framework that is interoperable (using JSON), simple to implement and secure.
More information on these external guides:
- OpenID Connect explained in plain English ⧉
- OIDC in a nutshell ⧉
- AccessToken Vs ID Token Vs Refresh Token ⧉
Email login with OIDC providers#
When the Critical Manufacturing Security Portal is using OIDC providers, the following property must be added in the tenants\config\[tenant]\dataSource\config section of the config.json file:
Note
This setting uses the MailAddress property of the MES User instead of the UserAccount to validate the login to the OIDC application.