Requirements
The following are requirements to complete an OIDC integration with Authentication Cloud:
- Administrative access to the Trusona Management Portal, located at https://portal.trusona.com. You can self-enroll at that URL.
- Your organization must be created within the Portal for you to create a site configuration. Contact support@trusona.com to enable this for you.
- A Fully Qualified Domain Name that can be used in DNS records. Please contact support@trusona.com to learn more.
Integration Flow
The following graphic shows the flow of a passkey authentication using an OIDC integration.
Steps
To configure OIDC on the Trusona side:
- Navigate to the Trusona Management Portal, located at https://portal.trusona.com
- Click on Settings on the left toolbar
- Ensure the OIDC tab is selected; this is the page you will use to set up your integration.
- On the left column, you’ll see all the inputs, and on the right, all the outputs. Click on Generate New Secret and save the token in a secure system. Afterwards, click the Save button at the top of the page.
To configure OIDC on your application’s side:
- Navigate to your application and enter the values shown in the Trusona outputs.
- Ensure all the inputs align with the configuration in your application. Adjust these if needed.
- Once the settings in your application and the Trusona Management Portal are aligned, click on the Save button near the top-right of the Trusona Management Portal.
- At this point, you are ready to test the integration.
Testing Your New OIDC Integration
Now that you have your new OIDC Integration configured, you’ll want to test the flow to ensure that your users have an optimal experience. Below are some test cases that Trusona recommends validating:
- A user logs in and authenticates successfully with Trusona.
- A user says ‘no’ when they receive the Trusona mobile app notification. Check the error messaging and handling.
- A user times out when responding to the Trusona mobile app notification. Check the error message and handling.
- A user turns off the biometric features on their device. Verify the authentication flow. Biometric features include Touch ID™, Face ID™ and Windows Hello™ face.
- A user navigates to the login page directly by typing the URL in the browser.
- A user navigates to the login page via a browser bookmark.
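When running these test cases, the application's redirect handler is where the error handling lives. The following is an added example, not Trusona's code, of a handler that classifies an authorization-code callback as approved, declined, failed, or arriving with no matching login in progress (as can happen with a stale bookmark). The redirect URI, the `login_timeout` code and the sample values are constructed; which error code the provider sends for a declined or timed-out prompt is an assumption to confirm during testing.

```python
import hmac
from urllib.parse import parse_qs, urlsplit

# Error codes defined for the authorization response in RFC 6749 section 4.1.2.1.
# Which code the provider sends for a declined or timed-out prompt is an
# assumption to confirm during testing; unknown codes fall through to "failed".
USER_MESSAGES = {
    "access_denied": "Sign-in was declined. You can try again.",
    "temporarily_unavailable": "Sign-in is temporarily unavailable. Try again shortly.",
}
GENERIC_FAILURE = "Sign-in could not be completed. Please try again."


def classify_callback(callback_url, expected_state):
    """Return (outcome, detail) for an OIDC authorization-code callback.

    outcome is one of: "restart", "denied", "failed", "success".
    expected_state is the state value stored in the user's session when the
    login was started, or None if this session never started one.
    """
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]

    # No pending login (bookmarked or hand-typed URL) or a mismatched state:
    # discard the response and start a fresh authorization request.
    if not expected_state or not hmac.compare_digest(state.encode(), expected_state.encode()):
        return ("restart", "No matching login in progress; starting over.")

    error = params.get("error", [""])[0]
    if error:
        outcome = "denied" if error == "access_denied" else "failed"
        # Show a fixed message; never echo error_description into the page.
        return (outcome, USER_MESSAGES.get(error, GENERIC_FAILURE))

    code = params.get("code", [""])[0]
    if not code:
        return ("failed", GENERIC_FAILURE)
    return ("success", code)  # next step: exchange the code at the token endpoint


# Constructed sample callbacks (the redirect URI and values are placeholders).
BASE = "https://app.example.com/oidc/callback"
SAMPLES = {
    "approved": f"{BASE}?code=abc123&state=s-42",
    "declined": f"{BASE}?error=access_denied&state=s-42",
    "timed_out": f"{BASE}?error=login_timeout&state=s-42",
    "bookmarked": f"{BASE}?code=abc123&state=old-state",
}
```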