OpenID Connect provides a secure authentication mechanism, built on the OAuth 2.0 authorization protocol.
OpenID Connect is used by many identity providers, including Google, Facebook, Microsoft, Amazon, and Okta.
To configure OpenID Connect, you must use the following parameters:
To set up OpenID Connect, follow the pattern from the following snippet of the
settings.py
file:
INSTALLED_APPS += ('djangooidc',)
# last of this URL must match the key of OIDC_Providers
LOGIN_URL = '/arc/openid/openid/<<idp_name>>'
PRE_LOGOUT_REDIRECT_URL = '/arc/openid/logout/'
AUTHENTICATION_BACKENDS = (
'django.contrib.auth.backends.ModelBackend',
'djangoidc.backends.OpenIdConnectBackend',
)
OIDC_VERIFY_SSL = False
OIDC_CREATE_UNKNOWN_USER = True
OIDIC_ALLOW_DUYNAMIC_OP = False
OIDC_DEFAULT_BEHAVIOR - {
"response_type": "code",
"scope": ["openid", "profile", "email", "address", "phone"]
}
# Add srv_discovery_url
OIDC_PROVIDERS = {
"<<idb_name>>": {
"srv_discovery_url": "<<service_discovery_url>>",
"behaviour": OIDC_DEFAULT_BEHAVIOR,
"client_regisration": {
"client_id": "<<client_id>>",
"client_secret": "<<client_sercret>>",
"redirect_uris": ["http://<<arcviz_hostname>>/arc/openid/callback/login/"],
"post_logout_redirect_uris": ["http://<<arcviz_hostname>>/arc/openid/callback/logout/"],
"token_endpoint_auth_method": "<<client_secret_post>>"
}
},
}