Forum Discussion
Karim
Cirrostratus
CirrostratusUsing OpenID Connect to authenticate users
Hello all,
I want to use OpenID Connect to authenticate my users before gaining access to one of my application. I want to use my bigip as OpenID Provider (ie: the entity that authenticate the user...
Brett_Jarvis_36
Nimbostratus
NimbostratusWe have upgraded to version 14.0.0.1 build 002 and have OAuth 2 working as an authorization server. We would like to enable OpenID in order to access ID token so we can request UserInfo attributes. Has anyone successfully enable OpenID on the F5(Provider)? Anyone have a working example?
In my own lab environment I had to disable opaque tokens and enable jwt (14.1).
The following is roughly what it looks like
apm profile oauth oauth-oidc-profile {
app-service none
audience none
client-apps {
oauth-oidc-client { }
}
id-token-primary-key myrsa
issuer https://issuer.example.com
jwt-refresh-token-enc-key [redacted]
jwt-token enabled
opaque-token disabled
openid-connect enabled
primary-key myrsa
resource-servers {
oauth-api-rs { }
}
userinfo-primary-key myrsa
}
Results in
{
"access_token": "ewog...NifA",
"expires_in": 300,
"token_type": "Bearer",
"scope": "openid",
"refresh_token": "nrY...i62",
"id_token": "ewog...LUCA"
}