You can link authentication providers to your platform to allow your users to log in using their company credentials. You can integrate any identity provider that is compatible with SAML 2.0 and OpenID protocols. OpenID authentication is always available to all users and cannot be limited to a specific user directory.
This article outlines the steps for setting up an OpenID authentication provider in Haiilo. You will also need to complete certain steps in your identity provider to finalize the connection. To configure OpenID in your identity provider, we recommend referring to the guidelines for your specific identity provider.
Set up an OpenID authentication provider
You need "Manage authentication providers" permission to set up an authentication provider in Haiilo.
- Go to Administration > Authentication
- Select Create authentication provider
- Enter a name. The name is displayed to users on the login screen after "Authenticate with"
- Select the type OpenID Connect
- Check Active
- Decide if you want to use Automatic login. This automatically redirects the user from the login screen to the identity provider after a few seconds. If users don't want to be redirected, they can select Sign in as a local user before the redirect.
- Decide whether this authentication provider sends session emails for new logins
- Select a preset, if applicable to your IdP. A preset auto-fills the fields with IdP-specific information to help you get started. You can also fill out the fields manually by leaving the preset blank.
- Enter the Mapping ID. This is the parameter in the IdP response that needs to match the Haiilo user's login name (e.g., email address).
- Register Haiilo as a web application in your IdP to obtain the Client ID, Client Secret, Tenant ID, Authentication URL, Access-Token URL, User-Info URL, Token Schema, and Authentication schema.
- You will be asked for a Haiilo login/redirect URL. This redirect URL is generated only after saving your configuration in Haiilo. See step 12.
- Enter a Scope. This is the permission that you need to access the URL for user information.
- Select Save to generate the Haiilo Redirect URL. Enter the URL in your IdP's app registration.