IDaaS SP
The IDaaS SP screen allows you to view, add, and update the IDaaS SP settings for your site.
IDaaS SP list
Accessing the screen
In the left sidebar menu, under "SETTINGS", click [External system integration] -> [IDaaS SP].
Field descriptions
| Field | Description |
|---|---|
| Enabled | Status of the IDaaS SP. : Enabled : Disabled |
| Login IDaaS SP name | Name of the IDaaS SP. |
| Type | Type of IDaaS SP. |
| Updated on | Date and time of last update to the IDaaS SP. |
IDaaS SP editor
Accessing the screen
In the left sidebar menu, under "SETTINGS", click [External system integration] -> [IDaaS SP].
On the IDaaS SP list screen, click the name of the IDaaS SP you want to edit.
Item descriptions
IDaaS SP editor
| Field | Description |
|---|---|
| Login OAuth SP name | Name of the OAuth SP. Check the "Enable" box to enable the current settings. (Note: The test function can be used even if the OAuth SP settings are disabled.) |
| Target domain | Target domain of the OAuth SP (admin panel URL or API domain). |
| Type | Name of the Service that you are planning to use with IDaaS functionality. (Note: Currently only Azure AD B2C is supported) |
| Login URL | This URL needs to be set on Azure side as Provider's Redirect/Reply URI. |
| Client ID | Identifier to confirm the client. This will be provided by Microsoft when configuring the Provider. |
| Client Secret | Secret to make the requests. This will be provided by Microsoft when configuring the Provider. |
| Authorize URL | URL to Autorize the user login state, this will be porived by Microsoft when configuring. |
| Token URL | URL to get the Token information of the logged in user. (More on this can be found here) |
| Resource URL | URL for the Resource of the user. This is used to exchange information of the user object between Kuroco and Microsoft. |
| JWKS URL | URL to handle the Key Sets, this will be provided by Microsoft when Configuring. |
| (API) Generate grant token | Select the API for which the user should have granted access to by default. |
| Return URL (success) | URL that user will be redirected to upon successfully logging in. |
| Return URL (error) | URL that user will be redirected to if login fails. |
| Automatic user registration | Option to enable automatic registration. Disabling this option redirects all unregistered users to the return URL (error) when they try to log in via SSO. |
| Store the ID in Member Ext Col and link without using email | If checked, the user ID attribute will be used instead of email for authentication purposes. |
| Save user access token | If checked, the long-lived access token will be saved in the Database of Kuroco for any processing which needs to be done on behalf of the user later. |
Actions
| Button | Description |
|---|---|
| Update | Apply all changes made on this screen. |
| Test | Test the IDaaS SP settings to verify the fields that contain the necessary data. Click update to save the entered data before executing a test. |
| Delete | Delete the current IDaaS SP. |
Support
If you have any other questions, please contact us or check out Our Slack Community.