IDaaS SP

The IDaaS SP screen allows you to view, add, and update the IDaaS SP settings for your site.

IDaaS SP list

Accessing the screen

In the left sidebar menu, under "SETTINGS", click [External system integration] -> [IDaaS SP].
Image from Gyazo

Field descriptions

Image from Gyazo

FieldDescription
EnableStatus of the IDaaS SP.
Image (fetched from Gyazo): Enabled
Image (fetched from Gyazo): Disabled
Login IDaaS SP nameName of the IDaaS SP.
TypeType of IDaaS SP.
Updated onDate and time of last update to the IDaaS SP.

IDaaS SP editor

Accessing the screen

In the left sidebar menu, under "SETTINGS", click [External system integration] -> [IDaaS SP].
Image from Gyazo

On the IDaaS SP list screen, click the name of the IDaaS SP you want to edit.
Image from Gyazo

Item descriptions

IDaaS SP editor

Image from Gyazo

FieldDescription
Login OAuth SP nameName of the OAuth SP. Check the "Enable" box to enable the current settings.
(Note: The test function can be used even if the OAuth SP settings are disabled.)
Target domainTarget domain of the OAuth SP (admin panel URL or API domain).
TypeName of the Service that you are planning to use with IDaaS functionality.
(Note: Currently only Azure AD B2C is supported)
Login URLThis URL needs to be set on Azure side as Provider's Redirect/Reply URI.
Client IDIdentifier to confirm the client. This will be provided by Microsoft when configuring the Provider.
Client SecretSecret to make the requests. This will be provided by Microsoft when configuring the Provider.
Authorize URLURL to Autorize the user login state, this will be porived by Microsoft when configuring.
Token URLURL to get the Token information of the logged in user.
(More on this can be found here)
Resource URLURL for the Resource of the user. This is used to exchange information of the user object between Kuroco and Microsoft.
JWKS URLURL to handle the Key Sets, this will be provided by Microsoft when Configuring.
(API) Generate grant tokenSelect the API for which the user should have granted access to by default.
Return URL (success)URL that user will be redirected to upon successfully logging in.
Return URL (error)URL that user will be redirected to if login fails.
Automatic user registrationOption to enable automatic registration. Disabling this option redirects all unregistered users to the return URL (error) when they try to log in via SSO.
Store the ID in Member Ext Col and link without using emailIf checked, the user ID attribute will be used instead of email for authentication purposes.
Save user access tokenIf checked, the long-lived access token will be saved in the Database of Kuroco for any processing which needs to be done on behalf of the user later.

Actions

fetched from Gyazo

ButtonDescription
UpdateApply all changes made on this screen.
TestTest the IDaaS SP settings to verify the fields that contain the necessary data. Click update to save the entered data before executing a test.
DeleteDelete the current IDaaS SP.

If you have any other questions, please use our contact form or Slack workspace.