Configure OAuth2 OpenID Connect (OIDC)

Colectica Repository can use OpenID Connect for authentication. The inclusion of the email claim is required in the OIDC profile to enable account creation. Follow these instructions to enable OpenID Connect support.

1. In PortalDir\appsettings.json, find the OpenIDConnect section.

   "OpenIDConnect":
   {
      "Enabled": "false",
      "Authority": "",
      "ClientId": "",
      "ClientSecret": "",
      "Audience": "",
      "NameClaimType": "",
      "GetClaimsFromUserInfoEndpoint": "true"
   }
   

2. Set the Enabled property to true.

3. Set the Authority property to the URL for your OIDC server, such as http://localhost:8080/auth/realms/master.

4. Set the ClientId and ClientSecret for the client you have configured on your OIDC authority.

5. For JWT, Set the Audience which should be used, or leave blank.

6. To manage which OIDC users and groups map to the different Colectica roles, see Users in the Colectica Portal documentation.