Configure GAS for OpenID Connect/OAuth2 SSO

Prepare the Genero Application Server (GAS) to use an OpenID Connect/OAuth2 Identity Provider (IdP) for Single sign-on (SSO).

You have created an account with an OpenID Connect/OAuth2 Identity Provider (IdP) that you plan to use for authentication (for example, Google or a private IdP).

  1. If your GAS is located behind a proxy, configure the proxy settings in $FGLDIR/web_utilities/services/openid-connect/res/fglprofile.

    Remove the comment characters and set the appropriate values for proxy.http.location and proxy.https.location to match your network environment.

  2. Start your GAS dispatcher (if GAS is not running behind an external web server).

The Genero OpenIDConnect service requires HTTPS communication with the IdP. If needed, configure SSL certificates and Certificate Authority (CA) details in your fglprofile file. Refer to the Genero Business Development Language User Guide for instructions.

Your GAS installation is now ready to use OpenID Connect/OAuth2 SSO. Next, configure your application to use this IdP by registering the application with the IdP and providing the required values (client_id, callback URI, scopes) in your application configuration file. For details, go to Add OpenID Connect SSO to web application.