OIDC Generic Integration Documentation

This guide details the steps required to integrate Trusona using OIDC

Trusona allows you to have a passwordless experience with many applications that support OIDC (OpenID Connect). If you do not see documentation for your application, that’s ok! You can use the information below in addition to your application’s OIDC’s documentation to integrate with Trusona.

Definitions:

  • Trusona is considered IdP (identity provider) 
  • The application you are integrating Trusona with is considered the RP (Relying Party)

OIDC References:

1. IdP  (Identity Provider)  Configurations 

  • Log into the Trusona Dashboard at Trusona Dashboard
  • Click on OIDC integrations, located on the left-hand navigation 
  • Select ‘Create OIDC Integration’ 
  • Enter a name for your OIDC integration  
  • If you have a verified domain, select one or more of your domains if you would like to pass the email address as the user identifier. If not, then you can skip choosing a domain
  • Client Redirect Host: Input the URL where the request will be coming from
  • Select ‘Save’

2. IdP  (Identity Provider) Information and RP (Relying Party) Configurations

Use the following information to configure your Relying Party. Please refer to your Relying Party’s OIDC configuration documentation.

  • Discovery URL: https://gateway.trusona.net/oidc/.well-known/openid-configuration

If you cannot input a Discovery URL, use the following information. This information can also be found by navigating to the Discovery URL in your browser.

  • Authorization Endpoint = https://gateway.trusona.net/oidc
  • Claims Supported = “emails”, “sub”, “aud”, “email_verified”, “nbf”, “tcs”, “iss”, “tcl”, “exp”, “iat”, “email”, “jti”
  • id_token_signing_alg_values_supported = “RS256”
  • issuer = https://gateway.trusona.net
  • jwks_uri = https://gateway.trusona.net/oidc/certs
  • response_types_supported = “code”, “id_token”
  • subject_types_supported = “public”, “pairwise”
  • token_endpoint = https://gateway.trusona.net/oidc/tokens
  • userinfo_endpoint = https://gateway.trusona.net/oidc/userinfo

  • Response Type: id_token or token
  • Response Mode: form_post
  • Scope: openid profile email
  • Client ID: This is listed on the generic OIDC integration page in the Trusona Dashboard

We support both implicit and code flow, but by default use the implicit flow. If you would like to use the code flow, please securely send us your client secret for the integration.


Integrations

Desktop
IAM and SSO
SCIM
PAM
Productivity
VPN
General

Guides

Get started guides
Implementation guides
Users guides

SDKs

Mobile SDKs
Server SDKs
Web SDKs

APIs

Authentication Service
ID Proofing Service
Mobile Auth for Browsers Service

TOTP

Business
E-commerce
Finance
Productivity
Social
Gaming
Other