Setting up OIDC authentication provider

Edit online

IBM Engineering AI Hub uses OpenID Connect (OIDC) for secure authentication. OIDC is a secure authentication protocol that uses OAuth 2.0 to provide an identity layer, allowing clients to verify a user's identity based on the authentication performed by an authorization server.

Before you begin

Ensure that you have access to Engineering Lifecycle Management Jazz Authorization Server (JAS) as an OIDC Authentication provider. Gather clientId, clientSecret, and wellKnownEndpoint for Configuring the instance.

About this task

Registering Engineering AI Hub as a client includes submitting the JAS client registration request.

Procedure

  1. Go to https://<jas_host_name>:<port_number>/oidc/endpoint/jazzop/clientManagement.
  2. Click Add New.
  3. Specify the following details. Replace the values in <> brackets with the values that you want to provide.
    • Client ID: <engineeringaihub_client_id>
    • Client secret: <engineeringaihubclient_secret>
    • Client name: <engineeringaihub_client_name>
    • Array of redirect URLs: https://ai_hub_server.ibm.com/api/v1/callback and https://<aihub-hostname>/admin

      Replace ai_hub_server with your server name.

    • Scope:Openid profile general email
    • Grant types: Authorization_code and refresh_token
  4. Click Register.