OpenID Connect

The Gigya OpenID Connect service is part of our Federated Identity Management Services, which are premium services that require separate activation. If it is not yet a part of your existing site package, please contact support by submitting a ticket through your Console Support Portal or sending an email to support@gigya.com.

 

Overview

 

Gigya's partners can act as OpenID Connect Providers (OPs) using the OpenID Connect (OIDC) protocol.
Activating your account as an OP enables third-party sites, the Relying Parties (RPs), to authenticate their users against your existing user base.

 

To set up the OP service, see OpenID Provider Setup.

To configure the service via API, see FIdM OIDC OP REST.

High-level Gigya OIDC Overview

 

Detailed Gigya Flow Overview

This is the flow of the User Authentication stage requiring Login.

  1. The RP generates the request and sends it to the Authorization endpoint.
  2. The Authorize endpoint redirects to the OP's Proxy page.
  3. The Proxy page checks if the user is logged in.
  4. If not logged in, the user is prompted to log in, then proceeds to the next step.
  5. If logged in, the user proceeds to the next step.
  6. The Proxy page redirects to the consentURL (Partner Endpoint).
  7. If consent is required, the user provides consent. The endpoint then validates the authorization.
  8. The consentURL (partner endpoint) redirects back to the Proxy page with the requested information (token/code).
  9. The Proxy page validates the token.
  10. The Proxy page redirects to the Authorize endpoint.
  11. The Authorize endpoint redirects back to the RP.
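
The RP's side of steps 1 and 11, as an added example that is not Gigya's code: the RP binds the request to the user's session with `state` and `nonce`, then checks the redirect it receives before using the code. The endpoint URL, client ID, redirect URI and the `session` dict are placeholder assumptions; the parameter names are the standard OIDC ones.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Assumed placeholders: the page gives no real endpoint, client ID or redirect URI.
AUTHORIZE_ENDPOINT = "https://op.example/authorize"
CLIENT_ID = "example-rp-client-id"
REDIRECT_URI = "https://rp.example/callback"


def build_authorization_request(session):
    """Step 1: build the request URL and store state/nonce in the user's session."""
    session["oidc_state"] = secrets.token_urlsafe(32)
    session["oidc_nonce"] = secrets.token_urlsafe(32)  # checked later against the ID token
    params = {
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": "openid",
        "state": session["oidc_state"],
        "nonce": session["oidc_nonce"],
    }
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


def handle_callback(session, callback_url):
    """Step 11: validate the redirect back to the RP and return the code."""
    got = urlparse(callback_url)
    want = urlparse(REDIRECT_URI)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback arrived at an unexpected redirect URI")
    query = parse_qs(got.query)
    if "error" in query:
        raise ValueError("OP returned error: " + query["error"][0])
    expected_state = session.pop("oidc_state", None)  # single use: a replay fails
    returned_state = query.get("state", [""])[0]
    if not expected_state or not hmac.compare_digest(
            expected_state.encode(), returned_state.encode()):
        raise ValueError("state mismatch: response is not bound to this session")
    codes = query.get("code", [])
    if len(codes) != 1:  # a missing or duplicated code parameter is rejected
        raise ValueError("expected exactly one authorization code")
    return codes[0]
```

The stored `oidc_nonce` stays in the session so it can be compared with the `nonce` claim once the ID token is obtained.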

 

 

Additional Information

OpenID Connect Provider Setup

OpenID Connect REST APIs