Trusona allows you to have a passwordless experience with many applications that support OIDC (OpenID Connect). If you do not see documentation for your application, that’s ok! You can use the information below together with your application’s OIDC documentation to integrate with Trusona.
Definitions:
- Trusona is considered the IdP (Identity Provider)
- The application you are integrating Trusona with is considered the RP (Relying Party)
OIDC References:
1. IdP (Identity Provider) Configurations
- Log into the Trusona Dashboard
- Click on OIDC integrations, located on the left-hand navigation
- Select ‘Create OIDC Integration’
- Enter a name for your OIDC integration
- If you have a verified domain, select one or more of your domains if you would like to pass the email address as the user identifier. If not, then you can skip choosing a domain
- Client Redirect Host: Input the URL where the request will be coming from
- Select ‘Save’
2. IdP (Identity Provider) Information and RP (Relying Party) Configurations
Use the following information to configure your Relying Party. Please refer to your Relying Party’s OIDC configuration documentation.
- Discovery URL: https://gateway.trusona.net/oidc/.well-known/openid-configuration
If you cannot input a Discovery URL, use the following information. This information can also be found by navigating to the Discovery URL in your browser.
- Authorization Endpoint = https://gateway.trusona.net/oidc
- Claims Supported = “emails”, “sub”, “aud”, “email_verified”, “nbf”, “tcs”, “iss”, “tcl”, “exp”, “iat”, “email”, “jti”
- id_token_signing_alg_values_supported = “RS256”
- issuer = https://gateway.trusona.net
- jwks_uri = https://gateway.trusona.net/oidc/certs
- response_types_supported = “code”, “id_token”
- subject_types_supported = “public”, “pairwise”
- token_endpoint = https://gateway.trusona.net/oidc/tokens
- userinfo_endpoint = https://gateway.trusona.net/oidc/userinfo
- Response Type: id_token or token
- Response Mode: form_post
- Scope: openid profile email
- Client ID: This is listed on the generic OIDC integration page in the Trusona Dashboard
We support both implicit and code flow, but by default use the implicit flow. If you would like to use the code flow, please securely send us your client secret for the integration.