Moving from Cookie or Windows Authentication to OIDC
This page serves as a guide to update authentication configurations, for upgrading from AMT versions 147 and older, to AMT versions 148 and newer. Prior to AMT 148, Windows or Cookie Authentication was used. Starting in AMT 148, Windows Authentication was replaced by OpenID Connect (OIDC), requiring a change in configuration.
Changes in the IIS
The following changes must be made to the authentication settings in the IIS for the AMT Control Center, Application Center web apps, and their respective APIs when moving from Cookie or Windows Authentication to OIDC.
| Cookie Authentication |
Windows Authentication |
OIDC (AMT 148 and newer) |
||
| Control Center API |
Anonymous Authentication: Windows Authentication: |
Enabled Disabled |
Enabled Enabled |
Enabled Disabled |
| Control Center |
Anonymous Authentication: Windows Authentication: |
Enabled Disabled |
Disabled Enabled |
Enabled Disabled |
| Application Center API |
Anonymous Authentication: Windows Authentication: |
Enabled Disabled |
Enabled Enabled |
Enabled Disabled |
| Application Center |
Anonymous Authentication: Windows Authentication: |
Enabled Disabled |
Disabled Enabled |
Enabled Disabled |
Changes in appsettings.json
| When upgrading from an older authentication type to OpenID Connect authentication, it is strongly recommended to start with a fresh copy of the sample appsettings file. |
Control and Application Center
The following settings have been changed:
"ClientId": This setting has been moved from the "Amt" section to the new "OIDC" section.
"ClientSecret": This setting has been moved from the "Amt" section to the new "OIDC" section.
"AuthenticationType": The available values for this setting have changed. The values "Windows" and "Cookies" have been replaced by "OIDC".
"Authority": A new OIDC setting.
"Scope": A new OIDC setting.
"NameClaimType": A new OIDC setting.
APIs for Control and Application Center
The following settings have been changed:
"Authority": A new OIDC setting.
"Audience": A new OIDC setting.
"NameClaimType": A new OIDC setting.