Implement SSO using Admin Center

To integrate a single sign on (SSO) using OpenID Connect Provider, you'll use the IAM (identity and access management) UI in Admin Center. You need the Client ID, Client Secret, and Issuer URL values from the provider. Any OIDC-compliant authentication provider can be integrated. Examples of integrating OIDC providers are:

• Okta
• Google Cloud Platform
• Microsoft Entra ID
• AWS Cognito

Add an OIDC provider

The Log In Connector wizard creates a new connector using the Client ID, Client Secret, and Issuer URL values from the OIDC provider.

Before you begin

• To set up a new Log In Connector, collect the Client ID, Client Secret, and Issuer URL from your Open ID Connect provider.
  • If you're using Microsoft Entra ID, the Issuer URL is the OpenID Connect metadata document found in the Endpoints section of the Enterprise Application.
  • If you're using Google Cloud Platform, the issuer URL is https://accounts.google.com/.well-known/openid-configuration, and the Client ID and Client Secret can be gathered using the instructions in Collect client values from Google Cloud Platform.
  • If you're using Okta, see Configure an aiWARE organization and authentication login connector
  • For all other OIDC providers, see their product documentation for where to find the values.

Steps

1. Access Admin Center by logging in to your aiWARE administrative account. In the header bar, select   and then Admin Center .
   Admin Center slides out as a panel.

2. Click Security > IAM in the left navigation panel.
   The Identity and Access Management panel appears.

3. Click Add New to open the Log In Connector wizard. Fill out the Provider Configuration options:

   • Name - Enter a name for the connection
   • (Optional) Description - Enter a description for the connection
   • (Optional) Website URL - Enter the value for the domain noted above
   • Client ID - Enter the Client ID value noted above
   • Client Secret - Enter the Client Secret value noted above
   • Issuer URL - Enter the value for the issuer URL noted above

4. Click Next.

5. Fill out the Button Design options. These represent the login button users see when logging into aiWARE, once connected.

   • Button Text Label - Descriptive title seen at login screen. This must always start with "Login with…".
   • (Optional) Button Logo
   • (Optional) Customize the color and text color of your button.

6. Click Create.
   Your connector appears as a new item in the Identity and Access Management panel.

7. Click Copy Callback URI.
   Your callback URI is copied to the clipboard.

8. Record your callback URI in a safe place.

What to do next

To complete the integration, add the callback URI to your OIDC server setup. The callback URI is also sometimes called a redirect URL and specifies the URL to return to when authentication completes.

Three examples are:

• Add connector callback URI to Google OAuth credentials
• Configure a platform in Microsoft Entra ID
• Configure Okta Application Integration to aiWARE

For all other OIDC providers, see their product documentation for where to add the callback URI.

• For steps using GraphQL, see Create a Microsoft Entra ID OpenID Connect Provider using GraphQL.
• For an overview of the Admin Center UI, see Admin Center overview.

• Administer aiWARE
• Identity and access management (IAM)
• Implement SSO using Admin Center