Learn how to configure a new OpenID Connect (OIDC) Connection
Each SSO Identity Provider requires specific information to create and configure a new Connection. Often, the information required to create a Connection will differ by Identity Provider.
To create an OpenID Connect (OIDC) Connection, you'll need four pieces of information: a Redirect URI, a Client ID, a Client Secret, and a Discovery Endpoint.
WorkOS provides the Redirect URI. It's readily available in your Connection's Settings in the Developer Dashboard.
The Redirect URI is the location an Identity Provider redirects its authentication response to.
And then, you provide the Client ID, Client Secret, as well as the Discovery Endpoint.
Normally, this information will come from your Enterprise customer's IT Management team when they set up your application's OpenID Connect configuration in their Identity Provider admin dashboard. But, should that not be the case during your setup, here's how to obtain them.
1Create an Application with your IdP
For SSO to properly function with your Identity Provider, you'll need to create and configure your OpenID Connect application to support the authorization code grant type and have the redirect URI from WorkOS listed as your login redirect uri.
2Provide your Client Credentials
After creating an OpenID Connection application, a Client ID and Client Secret will be provisioned for you by your Identity Provider. Enter these in your Connection's Settings in the Developer Dashboard.
3Add Discovery Endpoint
Your Identity Provider's Discovery Endpoint contains important configuration information. Enter this in your Connection's Settings in the Developer Dashboard.Your Connection will then be verified and good to go!