- Authorization URL: the address of initiation of the authentication process.
- Token URL: the API address to obtain a token.
- User Info URL: the address at which the obtained token can be exchanged for user information.
- Client ID and Client Secret: values assigned to the Autenti system in the system authentications that allow Autenti to identify itself in the connected system.
During configuration, the connected authentication system should also configure the address redirect URL, i.e., the address to which the user's browser is redirected after authentication. The address value is given in the form field in a convenient way to copy. Additionally, if the connected system requires it, connections from the autenti.com domain must be allowed. A sample configuration form (on the example of Okta) is shown below:
Before saving the configuration, Autenti allows you to test it to check whether the settings are correct and the correct configuration has also been set in the connected system. This is crucial because a possible configuration error may cause an inability to log in (also for the administrator).
You should also verify that the email addresses of the users returned by the connected system correspond to the addresses configured for users in Autenti.
After successful configuration, inform users about the dedicated address for logging in using SSO and configure it (e.g., adding it to bookmarks) as the address for logging in to Autenti. This will allow you to redirect users automatically to an external authentication system without providing any data to Autenti.
For security reasons, it is impossible to authenticate a non-user of the organization. From the moment SSO is set up, the administrator of the connected SSO system decides which users can authenticate according to the capabilities of that system.
Hint for integration with Microsoft Azure:
Authorization URL to "authorization_endpoint": https://login.microsoftonline.com/common/oauth2/v2.0/authorize
Token URL to "token_endpoint":https://login.microsoftonline.com/common/oauth2/v2.0/token
User info URL to "userinfo_endpoint": https://graph.microsoft.com/oidc/userinfo