The Gigya OpenID Connect service is part of our Federated Identity Management Services, which are premium services that require separate activation. If it is not yet a part of your existing site package, please contact support by submitting a ticket through your Console Support Portal or sending an email to email@example.com.
To set up the OP service, see OpenID Provider Setup.
To configure the service via API, see FIdM OIDC OP REST.
High-level Gigya OIDC Overview
Detailed Gigya Flow Overview
The following steps describe the User Authentication stage when login is required.
1. The RP generates the request and sends it to the Authorization endpoint.
2. The Authorize endpoint redirects to the OP's Proxy page.
3. The Proxy page checks whether the user is logged in.
4. If the user is not logged in, they are prompted to log in and then proceed to the next step.
5. If the user is logged in, the flow proceeds to the next step.
6. The Proxy page redirects to the consentURL (partner endpoint).
7. If consent is required, the user provides consent. The endpoint then validates the authorization.
8. The consentURL (partner endpoint) redirects back to the Proxy page with the requested information (token/code).
9. The Proxy page validates the token.
10. The Proxy page redirects to the Authorize endpoint.
11. The Authorize endpoint redirects back to the RP.
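
The RP's side of steps 1 and 11, as an added example that is not Gigya's code: the RP binds each request to the user's session with `state` and `nonce`, and accepts the final redirect only if it answers that request. The endpoint URL, client ID, redirect URI, the `session` dictionary and both function names are assumed placeholders, and the parameters shown are the standard OpenID Connect authorization code ones.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumed placeholder values; this page does not give the real endpoint or client details.
AUTHORIZE_ENDPOINT = "https://op.example.com/authorize"
CLIENT_ID = "example-client-id"
REDIRECT_URI = "https://rp.example.com/callback"


def build_authorization_request(session: dict) -> str:
    """Step 1: build the request URL and bind state/nonce to the user's session."""
    session["oidc_state"] = secrets.token_urlsafe(32)
    session["oidc_nonce"] = secrets.token_urlsafe(32)  # compared later with the ID token's nonce
    params = {
        "response_type": "code",
        "scope": "openid",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": session["oidc_state"],
        "nonce": session["oidc_nonce"],
    }
    return AUTHORIZE_ENDPOINT + "?" + urlencode(params)


def handle_callback(session: dict, callback_url: str) -> str:
    """Step 11: return the authorization code only if the redirect matches this session."""
    query = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oidc_state", None)  # single use: a replayed redirect fails
    returned = query.get("state", [""])[0]
    # Constant-time comparison on bytes, so unexpected input cannot raise TypeError.
    if not expected or not hmac.compare_digest(expected.encode(), returned.encode()):
        raise ValueError("state mismatch: response is not bound to this session")
    if "error" in query:
        raise ValueError("authorization error: " + query["error"][0])
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]
```
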