Forum Discussion
Karim
Cirrostratus
CirrostratusUsing OpenID Connect to authenticate users
Hello all,
I want to use OpenID Connect to authenticate my users before gaining access to one of my application. I want to use my bigip as OpenID Provider (ie: the entity that authenticate the user...
Brett_Jarvis_36
Nimbostratus
NimbostratusWe have upgraded to version 14.0.0.1 build 002 and have OAuth 2 working as an authorization server. We would like to enable OpenID in order to access ID token so we can request UserInfo attributes. Has anyone successfully enable OpenID on the F5(Provider)? Anyone have a working example?
In my own lab environment I had to disable opaque tokens and enable jwt (14.1).
The following is roughly what it looks like
apm profile oauth oauth-oidc-profile { app-service none audience none client-apps { oauth-oidc-client { } } id-token-primary-key myrsa issuer https://issuer.example.com jwt-refresh-token-enc-key [redacted] jwt-token enabled opaque-token disabled openid-connect enabled primary-key myrsa resource-servers { oauth-api-rs { } } userinfo-primary-key myrsa }Results in
{ "access_token": "ewog...NifA", "expires_in": 300, "token_type": "Bearer", "scope": "openid", "refresh_token": "nrY...i62", "id_token": "ewog...LUCA" }
