11.7.11 Experiencing External Identity Provider

With all the changes ready, run the app to test out authentication using the external identity provider.

You put all the ingredients in place:

  • OCI IAM Domain with users, groups, group assignments, and a confidential app
  • Web credential to securely store confidential app's client id and secret
  • Social sign-in authentication scheme with credential and Open ID Connect discovery URL
  • Post-authentication procedure to enable user's groups with custom code
  • Application uses custom code to resolve authorization schemes
  • Authorization schemes use custom type to resolve Is In Role/Group membership.

Now, when end users run the app, as shown below, they see the external identity provider's login page. Once users login, the rest of the application behaves identically to before, including all the role-based access control.

Figure 11-39 Users Now Login to Woods HR Using OCI IAM Sign In


Description of Figure 11-39 follows
Description of "Figure 11-39 Users Now Login to Woods HR Using OCI IAM Sign In"

Parent topic: Integrating an External Identity Provider