Suche aufrufen
Menü aufrufen
47
1.3K
10
34.8K
HITGuard User Guide
Toggle preferences menu
Persönliches Menü aufrufen
Nicht angemeldet
Ihre IP-Adresse wird öffentlich sichtbar sein, wenn Sie Änderungen vornehmen.

Translations:Login Möglichkeiten/25/en

Aus HITGuard User Guide
Weitere Optionen
Version vom 27. Mai 2025, 09:42 Uhr von Faha (Diskussion | Beiträge)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
"AllowOpenIdConnectUserMappingByUsername": true, // Allow mapping of OpenIdConnect (or Microsoft Entra ID) user with HITGuard user by OpenIdConnect username with HITGuard user's username when first logging in with OpenIdConnect if activated. (i.e. the OpenIdConnect account gets associated with a hitguard user that has a username, see "HitGuardUserNameClaim" to configure which claim provides the username)
"AllowOpenIdConnectUserMappingByEmail": false, // Allow mapping of OpenIdConnect (or Microsoft Entra ID) user with HITGuard user by OpenIdConnect username with HITGuard user's email when first logging in with OpenIdConnect if activated. (i.e. the OpenIdConnect account gets associated with a hitguard user that has a matching email)
"OpenIdConnect": {
    // If you need to authorize redirect URIs at the Provider, authorize '{HITGuard-domain}/Account/ExternalLoginCallback'
    "Enabled": true,
    "Providers": [
      {
        "Name": "Google", // This name will be displayed to the Users and needs to be unique. Entering 'Google' would for example display as Login with Google
        "Authority": "https://accounts.google.com", // needs to point to the domain where the provider hosts the '/.well-known/openid-configuration', for google this would be e.g. 'https://accounts.google.com'"
        "ClientId": "[Google-Client-Id]", // ClientId for your Application with the Provider
        "ClientSecret": "[Google-Client-Secret]", // ClientSecret for your Application with the Provider
        "CallbackPath": "/signin-oidc-google", // CallbackPath registered with the Provider, must be unique from other providers. Choose any valid path e.g.: '/signin-oidc-google
      },
      {
        "Name": "Microsoft",
        "Authority": "https://login.microsoftonline.com/[Microsoft-Tenatn-Id]/v2.0",
        "ClientId": "[Microsoft-Client-Id]",
        "ClientSecret": "[Microsoft-Client-Secret]",
        "CallbackPath": "/signin-oidc-microsoft",       
        "GetClaimsFromUserInfoEndpoint": true, // If set to true additional claims will be retrieved from the UserInfo endpoint, by default this is false so it will only look at claims in the ID_token, set this to true, if you configure a different "HitGuardUserNameClaim" and do not include it in the ID_token
        "HitGuardUserNameClaim": "hitguard_username", // If AllowOpenIdConnectUserMappingByUsername (toplevel) is set, this property can be used to customize which claim will have the hitgurad username that should be matched. The default of this is the "preferred_username" claim which should be present in the "profile" scope. If this is set to a different value, the Identity Provider needs to be configured to actually include the configured claim in the ID_token (or UserInfo endpoint, which requires "GetClaimsFromUserInfoEndpoint": true) returned to HITGuard.
     }
   ]
}
Abgerufen von „https://userguide.hitguard.de/index.php?title=Translations:Login_Möglichkeiten/25/en&oldid=34725
Zuletzt geändert
Diese Seite wurde zuletzt am 27. Mai 2025 um 09:42 Uhr bearbeitet.