Authentication with FintechOS Identity Provider

(FintechOS 21.2.2 and later)

The FintechOS Identity Provider's built-in integration with OpenID-compliant identity providers enables users to log in to the FintechOS Portal using OpenID single sign-on (SSO).

How to Set up the FintechOS Identity Provider Authentication

Prerequisite:

Make sure that you know the following values from the OpenID identity provider:

  • Client ID
  • Client Secret
  • Discovery Endpoint

In the web.config file, go to the <appSettings> section and add the configuration of your FintechOS Identity Provider setup:

<!-- 1. Set FintechOS Identity Provider authentication-->
<add key="EBSDefaultAuthentication" value="FTOSOIDC" />
             
<!-- 2. Replace these values with your FintechOS Identity Provider configuration: -->
<add key="openid-client-id" value="{ClientId}" />
<add key="openid-client-secret" value="{ClientSecret}" />
<add key="openid-discovery-endpoint" value="{DiscoveryEndpointUrl}" />
<add key="openid-callback-url" value="CallbackUrl" />
                         
<!-- 3. FintechOS Identity Provider user role mapping settings: -->
<add key="membership-provider-connection-username" value="admintest" />
<add key="membership-provider-connection-secret" value="1234567" />

For the user role mappings, fill in the following keys as described below:

| Key | Description |
| --- | --- |
| membership-provider-connection-username | (No longer required in v21.2.2.4 and later) Requires an account set up in the FintechOS Identity Provider admin console with realm-management role. |
| membership-provider-connection-secret | (No longer required in v21.2.2.4 and later) Password for the above user account. |
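
The following check is an added example, not part of the FintechOS documentation or product: it reads the <appSettings> keys described above and reports unreplaced placeholders, URLs that are not absolute https URLs, and legacy membership-provider keys that still carry the sample credentials. The https requirement, the function name audit_app_settings, and the example.test host names are assumptions of this example; the sample configuration is constructed.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

REQUIRED = ("openid-client-id", "openid-client-secret",
            "openid-discovery-endpoint", "openid-callback-url")
URL_KEYS = ("openid-discovery-endpoint", "openid-callback-url")
LEGACY = ("membership-provider-connection-username",
          "membership-provider-connection-secret")
DOC_SAMPLES = {"admintest", "1234567"}  # sample values shown in the documentation

def audit_app_settings(xml_text):
    """Return a list of findings for the <appSettings> of a web.config."""
    root = ET.fromstring(xml_text)
    section = root if root.tag == "appSettings" else root.find(".//appSettings")
    if section is None:
        return ["no <appSettings> section found"]
    settings = {a.get("key"): a.get("value", "") for a in section.findall("add")}
    findings = []
    if settings.get("EBSDefaultAuthentication") != "FTOSOIDC":
        findings.append("EBSDefaultAuthentication is not FTOSOIDC")
    for key in REQUIRED:
        value = settings.get(key, "").strip()
        if not value:
            findings.append(f"{key}: missing or empty")
        elif value.startswith("{") and value.endswith("}"):
            findings.append(f"{key}: placeholder not replaced")
        elif key in URL_KEYS:
            url = urlparse(value)
            # Assumption of this example: both URLs must be absolute https URLs.
            if url.scheme != "https" or not url.netloc:
                findings.append(f"{key}: not an absolute https URL")
    for key in LEGACY:
        if key in settings:
            note = f"{key}: not required in v21.2.2.4 and later"
            if settings[key] in DOC_SAMPLES:
                note += "; still set to the documentation sample value"
            findings.append(note)
    return findings

# Constructed sample: one placeholder left in, a plain-http URL, sample credentials.
SAMPLE = """<configuration><appSettings>
  <add key="EBSDefaultAuthentication" value="FTOSOIDC" />
  <add key="openid-client-id" value="portal-client" />
  <add key="openid-client-secret" value="{ClientSecret}" />
  <add key="openid-discovery-endpoint" value="http://idp.example.test/discovery" />
  <add key="openid-callback-url" value="https://portal.example.test/callback" />
  <add key="membership-provider-connection-username" value="admintest" />
  <add key="membership-provider-connection-secret" value="1234567" />
</appSettings></configuration>"""
```

An empty list means none of these checks fired; it does not confirm that the identity provider accepts the client ID, secret, or callback URL.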

How users log in to the FintechOS Portal

When accessing the FintechOS Portal, users who have a currently active OpenID session are logged in automatically. Otherwise, they are shown the FintechOS Identity Provider single sign-on login page and use their OpenID account credentials to log in to the FintechOS Portal.

FintechOS user account automatic synchronization

When a user logs in to FintechOS Portal using FintechOS Identity Provider single sign-on, the first name, last name, and email address stored in the corresponding FintechOS user account are updated automatically based on the OpenID account settings.