Configuring OpenID Connect (OIDC)

AMT uses Microsoft Entra ID as the OIDC provider by default.

Access to the Control Center

Authentication

1. Find the authentication section in the cc-config.yaml file.
2. The server needs to be configured with the same ID used by the identity provider. Configure the following settings:
   1. issuerURL: The URL of the OpenID Connect authentication provider.
   2. clientID: The ID used for authentication on the OIDC server.
      

      authentication:
        type: OIDC
        clients:
          rest:
            settings:
              issuerURL: issuerURL: https://login.microsoftonline.com/<Server ID Key>/v2.0
              clientID: <Client ID Key>
                      

3. Save the file.

OpenID Connect Configuration

Configure the following settings for the client:

1. Navigate to the following directory: ..\<AMT Environment>\Binaries\control-center\frontend\assets.
2. Open the oidcconfig.json file in a text editor.
3. Configure the following settings:
   1. "issuer": The URL of the OpenID Connect (OIDC) authentication provider.
   2. "clientId": The ID used for authentication on the OIDC server.
      

      {
        "AuthenticationConfig": {
          "issuer": "https://login.microsoftonline.com/<ID key>/v2.0",
          "redirectUri": "http://localhost:4200/control-center",
          "clientId": "<ID key>",
          "scope": "openid profile api://<id>/DefaultApi offline_access",
          "responseType": "code",
          "claimUserName": "preferred_username",
          "tokenRefreshThreshold": 15,
          "loginButtonLogo": "assets/image/<image>.png"
        }
      }
                      

4. Save the file.