Configure GAS for OpenID Connect SSO

Follow these steps to configure the Genero Application Server for OpenID Connect Single sign-on (SSO).

  1. Create an account with an OpenID Connect provider that will provide authentication services for you, e.g. see Configure OpenID Connect identity on Google. Through this one account, the IdP provides you with an authentication services that identifies to the GAS the users that access your application. Add the public and shared secret ids obtained from the IdP to your application's configuration files, see Add OpenID Connect SSO to Genero Web application.
  2. If the Genero Application Server is located behind a proxy, configure the proxy in the OpenID Connect fglprofile file in $FGLDIR/web_utilities/services/openid-connect/res. Remove the comment and set the correct value for the entry called proxy.http.location and proxy.https.location.
  3. Start your dispatcher (if not behind a web server).
Note: Genero OpenId Connect service requires HTTPS communication with the IdP. If needed, you may have to configure SSL and CA authority in the fglprofile file. (see the Genero Business Development Language User Guide for details).
The Genero Application Server is ready to use OpenID Connect SSO to authenticate end users.