Home > User Interface > Configuration > Policy Configuration > Authentication Sources > External > OpenID
|
Menu path: Configuration > Policies and Access Control > Authentication Sources > External > OpenID.
This form of authentication uses OpenID login credentials. The fields in the OpenID source authentication are shown below. Several API values are obtained from the OpenID web site during your site's registration. The registration process is described in detail in one of the A3 Installation and Usage Guides (Installation and Usage Guide - Registration VLAN or Installation and Usage Guide - No Registration VLAN).
| Field Name | Usage | Example |
|---|---|---|
| Name | The name of the authentication source. | OpenID |
| Description | A description of the purpose of the authentication source. | Registration based on OpenID login credentials |
| App ID | A value provided by OpenID during registration with the OpenID API. | |
| API Secret | A value provided by OpenID during registration with the OpenID API. | |
| API URL | The base URL that A3 should use at authentication time for user authentication. This is typically https://www.openid.net. | https://www.openid.net |
| API Authorize Path | A sub-location within the API URL used for authentication | /oauth/v2/authorization |
| API Token Path | A sub-location within the API URL used for token access. | /oauth/v2/accessToken |
| Scope | The scope of the information that A3 will request. | openid |
| API URL of Logged user | The URL to use after a token is obtained. | |
| Portal URL | The callback location used by OpenID. Generally https://<hostname>/oauth2/callback. | https://a3.company.com/oauth2/callback |
| Authorized domains | A comma separated list of domains that the client will resolve during authentication, despite any networking restrictions. | |
| Create Local Account | If enabled, when a user completes an authentication a local A3 account will be created for the user if one does not already exist. |
|
| Password Hashing Method | The algorithm used to hash passwords in the database. Only new or reset passwords are affected. One of Bcrypt, Plaintext, or NTLM. | Bcrypt |
| Number of Logins for Local Account | If Create Local Account is enabled, then this field designates the number of times that the user can login. A value of 0 means an infinite number of times. | 0 |
| Authentication Rules | Indicates the actions to be performed when the authentication is satisfied. Authentication rules are covered in detail in Authentication Rules. |
Copyright © 2021 Extreme Networks. All rights reserved. Published April 2021.