Hub 2.5 Help

OpenID Authentication Module

In addition to the OpenID providers that are supported with built-in authentication modules, Hub lets you enable authentication for any OpenID provider that uses OpenID 2.0.

Enable OpenID Authentication

To allow users to sign in to Hub with OpenID authentication, enable an OpenID authentication module.

Prerequisites

Before you start, verify the following requirement:

  • You have Create Auth Module and Update Auth Module permissions in Hub.

Instructions

To enable the module, follow these steps.

  1. In the Access Management section of the Administration menu, select Auth Modules.
  2. From the Add Module drop-down list, select OpenID Provider.
    • The Add Module dialog opens in the sidebar.
  3. In the Add Module dialog, enter values for the following settings:
    FieldDescription
    NameEnter a name for the authentication module.
    Server URLEnter the server address of the OpenID provider. The provider defines the format that is required for the URL.
    For details, refer to the documentation of the OpenID provider.
  4. Click the Create Module button.
    • The OpenID authentication module is enabled.
    • The Auth Modules page displays the settings for the OpenID authentication module. For additional information about the settings on this page, see OpenID Authentication Module.
      openidModuleEnabled.png
    • The icon stored in the Button Image setting is added to the login dialog window. Users can click this icon to authenticate with their OpenID credentials.
      loginDialogOpenID.png

Settings

The settings are configured automatically when the module is added to Hub. You do not have to change these settings. To configure the options that define how Hub treats new user accounts with OpenID credentials, see OpenID Authentication Module.

FieldDescription
TypeDisplays the name of the application or service that is enabled for third-party authentication in Hub.
NameStores the name of the authentication module. Use this setting to distinguish this module from other authentication modules in the Auth Modules list.
AuthenticationDisplays the current status of the module. This status indicates whether the module is currently enabled or disabled.
AuditLinks to the Audit Events page in Hub. There, you can view a list of changes that were applied to this authentication module.
Server URLStores the URL of the OpenID provider used to authenticate a login request in Hub.

Schema

Use the following settings to map user data stored with the OpenID provider to user accounts in Hub.

FieldDescription
EmailStores the location that contains the email address.
First NameStores the location that contains the first name of the user.
Last NameStores the location that contains the last name of the user.
Full NameStores the location that contains the full name of the user.
AvatarStores the location that contains the avatar of the user.

User Account Management

When a user logs in to Hub with an OpenID account for the first time, Hub checks if an account with the same email address exists. If an account with the same email address exists, the OpenID credentials are added to the existing account.

Use the following settings to configure how Hub manages user accounts.

FieldDescription
Create UsersEnables creation of Hub accounts for unregistered users who log in with OpenID credentials. Hub uses the email address to determine whether the user has an existing account. If you disable this option, only users who already have accounts with matching emails are able to log in to Hub.
Auto-join GroupsAdds users to a group when they log in with OpenID credentials. You can select one or more groups. New users that auto-join a group inherit all of the permissions assigned to this group.
We recommend that you add users to at least one group. Otherwise, a new user is only granted the permissions that are currently assigned to the All Users group.
Last modified: 20 September 2016