Complete OpenID Connect server configuration

This page describes how to complete the OpenID Connect (OIDC) server configuration, as part of the Configure and enable OIDC process, by specifying the redirect URL.

Prerequisites

  • You have created a Client ID and Client Secret pair on the OIDC server, as covered in Configure the OIDC server, and completed the steps described on the following page: Configure and Enable OpenID Connect.

  • You have copied the sign-in URL in the OIDC dialog.

The structure of the redirect URL that Diligent Data Room passes to the OIDC server is as follows:

  https://<diligent-platform-url>/auth/oidc/login/<organization-id>

You can extract the value of the redirect URL from the sign-in URL that you have copied. The value is URL encoded.

  1. In the sign-in URL, find the part that starts with &redirect_uri=. The value that follows is the redirect URL. Example: &redirect_uri=https%3A%2F%2Fsecurefiles.diligentbaords.com%2Fauth%2Foidc%2Flogin%2F87d7ac96-xxxx-yyyy-a5e2-6da49cac605b

  2. Decode the URL so that it conforms to the structure of the redirect URL as shown above. Example: https://securefiles.diligentbaords.com/auth/oidc/login/87d7ac96-xxxx-yyyy-a5e2-6da49cac605b

  3. Specify this redirect URL on your OIDC server and save the configuration.
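The steps above as a small Python check, added here as an example and not part of Diligent's documentation or tooling: it pulls redirect_uri out of a copied sign-in URL, decodes it once, and rejects any value that does not match the documented structure before you register it. The identity provider host and the other query parameters in the sample sign-in URL are constructed; only the redirect_uri value comes from this page.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Path layout stated on this page: /auth/oidc/login/<organization-id>
# A leftover "%" in the path means the value is still (double) encoded.
_PATH_RE = re.compile(r"^/auth/oidc/login/[^/%]+$")


def extract_redirect_url(sign_in_url: str) -> str:
    """Return the decoded redirect URL carried in a copied sign-in URL.

    Raises ValueError when redirect_uri is missing, repeated, or does not
    have the https://<host>/auth/oidc/login/<organization-id> structure.
    """
    query = urlsplit(sign_in_url.strip()).query
    # parse_qs percent-decodes each value exactly once.
    values = parse_qs(query).get("redirect_uri", [])
    if len(values) != 1:
        raise ValueError(f"expected one redirect_uri, found {len(values)}")
    redirect = values[0]

    parts = urlsplit(redirect)
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError("redirect URL is not an absolute https URL")
    if parts.username or parts.password:
        raise ValueError("redirect URL must not contain credentials")
    if parts.query or parts.fragment:
        raise ValueError("redirect URL must not carry a query or fragment")
    if not _PATH_RE.match(parts.path):
        raise ValueError("path is not /auth/oidc/login/<organization-id>")
    return redirect


# Constructed sign-in URL: idp.example.com and client_id are placeholders.
SAMPLE_SIGN_IN_URL = (
    "https://idp.example.com/authorize?response_type=code"
    "&client_id=constructed-client-id&scope=openid"
    "&redirect_uri=https%3A%2F%2Fsecurefiles.diligentbaords.com"
    "%2Fauth%2Foidc%2Flogin%2F87d7ac96-xxxx-yyyy-a5e2-6da49cac605b"
)

if __name__ == "__main__":
    print(extract_redirect_url(SAMPLE_SIGN_IN_URL))
```

Most OIDC servers compare the registered redirect URL to the one in the request as an exact string, so register the decoded value exactly as returned, without a trailing slash or other additions.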

The configuration is complete.

Users are now able to sign in to Diligent Data Room via OIDC. OIDC users with existing Diligent Data Room accounts will be redirected to the OIDC server for authentication once they have entered their email address on the default Diligent Data Room sign-in page. Users without Diligent Data Room accounts can use the sign-in URL to auto-provision their accounts. All OIDC users can use the sign-in URL to sign in.