Configure the OpenID Adapter to Support Public Clients

In the OpenID adapter configuration, you can define if the OpenID client supports public clients.

Note: The OpenID client can support both public and confidential clients at the same time.

  1. Log on to the ActivID Management Console as an ActivID Administrator (for example, ftadmin).

  1. Select the Configuration tab and, under Environment, select Adapters.

  2. Create an OpenID adapter or edit an existing one (for example, OpenID_admin) where:

    • Name – mandatory and should be unique for ease of administration.

    • Description – a user-friendly description of the adapter (optional).

    • Adapter Type – select Process to send notifications of operational events (such as user validations).

    • Adapter Category – select OpenID client (organization) configuration as the definition of the adapter.

  1. Configure the main parameters (channels, authentication policies, …) as described in Create the OpenID Administrator for Dynamic Registration.

  2. In the Token Endpoint Authentication Method parameter field, enter the required OpenID client authentication method:

    • For public clients, enter none.

    • For confidential clients, the supported authentication methods are:

      • client_secret_basic
      • client_secret_post, private_key_jwt
      • client_secret_pki.
    Note:
    • The default value is client_secret_basic.
    • Other values can be considered as confidential clients. If it is specified during client registration, the value will be stored. For the list of supported values see Supported Client Authentication Methods.

  1. Click Save.