OpenID Connect

To implement single sign-on, you need to provide IBM® Security Verify or another configured identity provider with information about the application. Verify provides a predefined template for each of the application that it supports.

The OpenID Connect and OpenID Connect for Open Banking template makes use of the new OpenID provider https://<tenant-hostname>/oauth2/.well-known/openid-configuration, while the Custom Application template with OpenID Connect sign-on method is using the old OpenID provider https://<tenant-hostname>/oidc/endpoint/default/.well-known/openid-configuration. Use the OpenID Connect and OpenID Connect for Open Banking templates if they are sufficient for the functionality you need.

The OpenID Connect for Open Banking template is similar to the OpenID Connect template but caters more to applications that need to conform to Open Banking requirements.

General information

Select Applications > Applications. Hover over an application name and select the settings icon Settings. On the General tab, specify the basic information about the application. See Setting the basic application details.

Single sign-on configuration

On the Sign-on tab, provide the application URL and other sign-on configuration parameters. See Configuring single sign-on in the OpenID Connect for Open Banking applications.

Entitlements

Note: This tab is not displayed until you save your application.

To assign who can access and use the application instance, see Managing application entitlements (by administrator or application owner).

API access

If a developer builds an application that uses one or more of the Verify functions, the application must be entitled to call the appropriate Verify APIs. Register the in-house application as an application API client in API access to assign it a unique client ID and secret. See Managing OpenID Connect and OpenID Connect for Open Banking application API access.

Privacy

Note: This tab is not displayed until you save your application.

The purposes and EULAs are displayed with name, description, tags, attributes that they include, and status.

  1. Add a purpose or EULA.
    1. Select Add purposes.
    2. Select the checkbox for the purpose or EULA that you want to add. You can select more than one.
    3. Select Add purposes.
  2. Remove a purpose or EULA.
    1. Select Add purposes.
    2. Select the checkbox for the purpose or EULA that you want to remove. You can select more than one.
    3. Select Remove.