OpenID Connect Authentication
This manual lists all the configurations that the S-Filer Portal's Configuration CLI can change about the OpenID Connect Authentication.
| Configuration key | Description | Default value |
|---|---|---|
| cfg. (Since 4.19.1) | The Base URL used in mail notifications for users in this domain. As an example, this allows setting a different URL for employees and partners, assuming they are in different domains and there are multiple web interfaces configured. | https://localhost/sfiler/ |
| cfg. (Since 4.19.1) | Select « Yes » to enable this authentication mechanism. Remember to turn on the multi-domain feature in the Web GUI configuration to be able to use it in the web interface. | false |
| cfg. (Since 4.19.1) | If auto enrollment is true, the authentication for an unknown user account will be attempted and if it succeeds, the user account will be created in S-Filer. If it is set to false the authentication for an unknown user account won't be attempted, this will avoid locking AD/LDAP accounts that are not defined in the adoption policy. | true |
| cfg. (Since 4.19.1) | This is the default role assigned to a user who is created in this domain (by adoption or auto enrollment). | 0 |
| cfg. (Since 4.19.1) | Client identifier used to authenticate with the OpenID Connect provider. For more details on this configuration, consult the OpenID Connect Configuration Guide. | |
| cfg. (Since 4.19.1) | Client secret used to authenticate with the OpenID Connect provider. For more details on this configuration, consult the OpenID Connect Configuration Guide. | |
| cfg. (Since 4.19.1) | The identity provider you choose will determine the logo and the name that will be displayed in the S-Filer Web Interface login screen. If your identity provider is not in the list, select "Other" and specify its display name in the "Identity provider display name" parameter. | |
| cfg. (Since 4.19.1) | The name of the file containing the custom logo that will be displayed in the S-Filer Web Interface login screen. It is only used when selecting "Other" in the "Identity provider" parameter since all other providers in the list have a fixed logo. This file must be placed in the client theme of the S-Filer Web Interface (consult the OpenID Connect configuration guide for details). | |
| cfg. (Since 4.19.1) | The name of the identity provider that will be displayed in the S-Filer Web Interface login screen. It is only used when selecting "Other" in the "Identity provider" parameter since all other providers in the list have a fixed display name. | |
| cfg. (Since 4.19.1) | This URL is used to retrieve the metadata of the OpenID Connect provider. For more details on this configuration, consult the OpenID Connect Configuration Guide. | |
| cfg. (Since 4.19.1) | Whether accounts in this authentication domain are case sensitive or not. (Example: In Windows, accounts are NOT case sensitive. User 'test' is equivalent to user 'TEST'.) | true |