Defining OIDC security scheme components

An OIDC (OpenID Connect) security scheme defines settings for using your OIDC provider to control access to the API.

Before you begin

Before you can create an OIDC security scheme component, you must create a native OAuth provider and configure the OIDC settings for it.
  1. Create an OIDC provider.
  2. Configure the OIDC parameters for your native OAuth provider.

Procedure

  1. Open the API for editing, as described in Editing an OpenAPI 3.0 API definition.
  2. Expand Components > Security Schemes and then click OpenAPI 3.0 API add icon to add a new security scheme.
  3. In the Add schema dialog box, provide the following settings before clicking Add:
    • Security Scheme Name (Key): provide a name for the new scheme.
    • Security Scheme Type: select openIdConnect
    • OpenID Connect URL: type the authorization endpoint URL for the OIDC provider.
  4. On the OpenId Connect Security Scheme page, add information about the OIDC provider:
    • Type: select your OIDC provider from the list.

      The list only displays the native OAuth providers that are configured for OIDC with a discovery URL provided in the OpenIDConnect Discovery path field, and are enabled for the catalog that the API is configured to use.

    • OpenID Connect URL: When you select your provider, the URL is filled in for you with the discovery URL that was configured for the native OAuth provider.
  5. Click Save.