Creating a Federation Partner with XCreds

Creating a Federation Partner with XCreds from Twocanoes Software

Creating a federation partner for use with XCreds isn’t particularly different than for other uses.

Configuration Steps

1. Go to Configuration module > Security > Identity Providers > Federation Partners

2. Click Add Federation Partner and Select OpenID Connect and you will be taken to a page to create the OIDC Partner.

3. Under the General section provide a name for the OIDC Partner and add the following Callback URLs:

   https://127.0.0.1/xcreds
   

4. Under the Claim Attributes section, add the following Claim Attributes:

   Name	Claim	Claim Type	Attribute Value Type	LDAP Attribute	REGEX Filter	Single Valued	Binary
   Profile	profile	string	ldap	employeeType		false	false
   SN	sn	string	ldap	sn		true	false
   Email	email	string	ldap	mail		true	false
   First Name	first_name	string	ldap	givenName		true	false
   ID	id	string	ldap	idautoID		true	false

5. Click Save.

6. It may be necessary to navigate to the the IDP Configuration and trigger a service reload and web reload.

7. Additional setup will be required within XCreds and you will need to make note of the following values:
   a. The Client ID of the created Federation Provider. This can be found on the edit page of the Federation Partner that was created.
   b. The Client Secret of the created Federation Provider. This can be found on the edit page of the Federation Partner that was created
   c. The discovery URL/Endpoint for OIDC on the RapidIdentity Server https://<rapididentity hostname>/idp/.well-known/openid-configuration

Endpoints for OIDC are as follows:

For details on how to continue the integration configuration from within XCreds, please check out this document: XCreds Identity Provider Integration Guide