Skip to content

Configuring S-Filer Portal for OpenID Connect

The following steps take place in the S-Filer Portal administrative console. They must be performed after OpenID Connect has been configured in your desired Identity Provider as some information from that configuration is required in these steps.

Step 1 - Activate the Multidomain feature for the Web client(s)

  • Log into the Administrative Console using your login details
  • Open the section of the web GUI component for which you want to offer OpenID Connect authentication
  • Open the Configuration section
  • Click on Features
  • Activate the Enable "Multi domain" feature

admin-multi-domain-active

Step 2 - Create and set up the authentication method

  • Use the link presented by the server name in the left menu to create a new authentication mechanism.

admin-create-new-auth-method

  • Enter a name
  • Select the OpenID Connect option as the Authentication Mechanism
  • Click on Add Authentication Mechanism

admin-create-new-openid-connect-auth

  • In the left-hand menu, open the section of the S-Filer server
  • Open the Authentication menu
  • Select the authentication mechanism just added
  • In the Basic configurations tab, you need to Enable the authentication mechanism and the Auto Enrollment
    • This is required because it is the only way to adopt users in S-Filer Portal since the automatic adoption is not supported for OpenID Connect

admin-authentication-active

Step 3 - OpenID Connect configuration

  • Go to the OpenID Connect tab
  • Enter the values obtained during the identity provider configuration in the Metadata URL, Client identifier and Client secret parameters
  • Select your identity provider from the drop-down menu of the Identity provider parameter
    • If it is not listed, select Other
    • This parameter determines the name and the logo of the login button representing this authentication mechanism in the authentication page of the S-Filer Portal Web Interface
    • All identity providers known to S-Filer Portal have a name and a logo that cannot be modified

INFO

In the case of an unknown provider (the Other choice), the Identity provider display name and Identity provider custom logo parameters are used to customize the login button. The Identity provider display name will appear on the login button after the text Sign-in with. The Identity provider Custom Logo is the name of the file containing the logo to be displayed on the login button. This file must be placed in the client theme at this precise location on the machine where the S-Filer Portal gateway has been installed:

/gateway_installation_path/gateway/webapps/sfiler-gui-ajax/themes/your_theme/images/authentication/5

If the Identity provider custom logo parameter is not defined, or if the defined file is not found in the specified location on the file system, a generic logo will be used.

admin-authentication-openid-connect

See also

Refer to the authentication mechanism configuration documentation for OpenID Connect for a complete description of all the configuration fields for this authentication mechanism.

Step 4 - Restart S-Filer Portal

To make the changes effective, it is necessary to restart the S-Filer Portal server and Web client. After restarting both components, a new button will become available on the authentication page.

login-containing-microsoft-button