Our SSO solution supports only OIDC. It works with any identity platform that supports this authentication flow.
This is what we support/need:
- Client ID & secret: these two values are the credentials we need to authenticate with the customer server.
- Login URL: the URL used for logging in (callback from this login => Riddle receives a code to request an access token later).
- Access Token URL: the URL from which the access token is obtained; the token is then used to get further information about the user (email, …).
- User Info URL: the URL from which user information is retrieved with the help of an access token.
- Scopes: which scopes does the SSO platform support? openid is required (our default scopes: openid, email, profile).
- (optional) Several environments for tests (test, stage, live)
  - The customer can test whether Riddle SSO works on e.g. a dev environment before using the live login paths & credentials.
Our endpoint details are the following:
- Application Contact: philipp@riddle.com, reimar@riddle.com
- Redirect URLs:
  - https://local.riddle.com/auth/sso/callback/{encodedCustomerSlug}
  - https://dev.riddle.com/auth/sso/callback/{encodedCustomerSlug}
  - https://dev2.riddle.com/auth/sso/callback/{encodedCustomerSlug}
  - https://dev3.riddle.com/auth/sso/callback/{encodedCustomerSlug}
  - https://preview.riddle.com/auth/sso/callback/{encodedCustomerSlug}
  - https://staging.riddle.com/auth/sso/callback/{encodedCustomerSlug}
  - https://www.riddle.com/auth/sso/callback/{encodedCustomerSlug}
- Access Token TTL: 3600
- OpenID Connect JWT Token TTL: 3600
- Scopes: openid, email, profile
You’ll use the following URL to log in:
https://riddle.com/auth/sso/login/{encodedCustomerSlug}
(you have to replace {encodedCustomerSlug} with your encoded customer slug)
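A pre-flight check for the values requested above, together with the exact redirect URIs to register at the identity provider for one customer slug. This is an added example, not Riddle's code; the dictionary key names, the sample values (idp.example.com, the acme-corp slug) and the https-only rule are assumptions.

```python
from urllib.parse import urlsplit

# Hosts taken from the redirect URL list on this page.
HOSTS = ("local", "dev", "dev2", "dev3", "preview", "staging", "www")
URL_FIELDS = ("login_url", "access_token_url", "user_info_url")  # hypothetical key names
DEFAULT_SCOPES = ["openid", "email", "profile"]  # the page's default scopes

def redirect_uris(encoded_slug):
    """Expand the callback pattern into the exact URIs to register at the IdP."""
    # Assumption: the slug is already encoded, so it must not alter the path.
    if not encoded_slug or any(c in encoded_slug for c in "/?#{} "):
        raise ValueError("expected the encoded customer slug, got %r" % encoded_slug)
    return [f"https://{h}.riddle.com/auth/sso/callback/{encoded_slug}" for h in HOSTS]

def check_sso_config(cfg):
    """Return a list of problems; an empty list means the values are complete."""
    problems = []
    for key in ("client_id", "client_secret"):
        if not str(cfg.get(key, "")).strip():
            problems.append(f"{key} is missing")
    for key in URL_FIELDS:
        parts = urlsplit(str(cfg.get(key, "")))
        # Assumption: codes, tokens and user data should only travel over TLS.
        if parts.scheme != "https" or not parts.hostname:
            problems.append(f"{key} must be an absolute https URL")
    scopes = cfg.get("scopes") or DEFAULT_SCOPES
    if "openid" not in scopes:
        problems.append("scopes must include openid")
    return problems

# Constructed sample values; the host, client ID and secret are placeholders.
SAMPLE = {
    "client_id": "riddle-sso",
    "client_secret": "constructed-not-a-real-secret",
    "login_url": "https://idp.example.com/oauth2/authorize",
    "access_token_url": "http://idp.example.com/oauth2/token",  # weak: plain http
    "user_info_url": "https://idp.example.com/oauth2/userinfo",
    "scopes": ["email", "profile"],  # weak: openid is missing
}

if __name__ == "__main__":
    print(check_sso_config(SAMPLE))
    print(redirect_uris("acme-corp")[-1])
```

Registering only the redirect URIs for the environments actually under test keeps the allow list at the identity provider as small as possible.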