
OpenID Connect Authentication

How to configure BindPlane OP to use OpenID Connect for Authentication

Important: This feature is only available in BindPlane OP Enterprise and BindPlane for Google.

1. Prerequisites

Before beginning, ensure you have the following:

  • An active BindPlane OP Enterprise license.
  • An OpenID Connect (OIDC) provider configured and available.
  • OAuth2 Client ID and Client Secret from your OIDC provider.

2. Configuration

Configuration Steps

  1. Open the BindPlane OP configuration file (by default at /etc/bindplane/config.yaml).

  2. Add or modify the following OIDC configuration settings:

```yaml
auth:
  type: oidc
  oidc:
    issuer: "https://your-oidc-provider.com"
    oauth2ClientID: "your-client-id"
    oauth2ClientSecret: "your-client-secret"
    scopes:
      - openid
      - profile
      - email
```

  3. Replace the placeholder values:

    • issuer: Your OIDC provider's URL
    • oauth2ClientID: OAuth2 client ID from your OIDC provider
    • oauth2ClientSecret: OAuth2 client secret from your OIDC provider

  4. Restart BindPlane OP to apply the changes:

```bash
systemctl restart bindplane
```

After configuration, users will be redirected to your OIDC provider for authentication when accessing BindPlane OP.
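
A pre-flight check for the values set in step 2, as an added example (not BindPlane OP code): it compares the `auth.oidc` settings with the provider's OIDC discovery document, whose `issuer` must match the configured value exactly. The function names, the `idp.example.test` provider and the sample metadata are constructed for illustration; in practice the document is fetched from the URL that `discovery_url` returns.

```python
import json
from urllib.parse import urlsplit

REQUIRED_ENDPOINTS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

def discovery_url(issuer):
    """Location of the provider metadata per OpenID Connect Discovery 1.0."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_oidc_settings(oidc, discovery):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = []
    issuer = oidc.get("issuer", "")
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.netloc or parts.query or parts.fragment:
        problems.append("issuer must be an https URL without query or fragment")
    # The reported issuer must equal the configured one exactly (no stray slash).
    if discovery.get("issuer") != issuer:
        problems.append("issuer mismatch: provider reports %r" % discovery.get("issuer"))
    for key in REQUIRED_ENDPOINTS:
        if not str(discovery.get(key, "")).startswith("https://"):
            problems.append("provider metadata has no https " + key)
    scopes = oidc.get("scopes") or []
    if "openid" not in scopes:
        problems.append("scopes must include openid")
    supported = discovery.get("scopes_supported")  # optional in provider metadata
    for scope in scopes if supported is not None else []:
        if scope not in supported:
            problems.append("provider does not advertise scope " + scope)
    for key in ("oauth2ClientID", "oauth2ClientSecret"):
        if not oidc.get(key) or str(oidc[key]).startswith("your-"):
            problems.append(key + " is empty or still a placeholder")
    return problems

# Constructed sample metadata for a hypothetical provider (not real output).
SAMPLE_DISCOVERY = json.loads("""{
  "issuer": "https://idp.example.test",
  "authorization_endpoint": "https://idp.example.test/authorize",
  "token_endpoint": "https://idp.example.test/token",
  "jwks_uri": "https://idp.example.test/keys",
  "scopes_supported": ["openid", "profile", "email"]
}""")

# Constructed settings mirroring the auth.oidc block from step 2.
SAMPLE_OIDC = {"issuer": "https://idp.example.test", "oauth2ClientID": "bindplane-op",
               "oauth2ClientSecret": "constructed-secret", "scopes": ["openid", "profile", "email"]}

if __name__ == "__main__":
    print(check_oidc_settings(SAMPLE_OIDC, SAMPLE_DISCOVERY) or "settings are consistent")
```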