Generic OIDC
Warning
Only workspace administrators can configure SSO.
Hint
Generic OIDC SSO configuration
Enabling an OIDC-compliant identity provider requires configuring an application with that provider. Follow these steps for general configuration rules.
Warning
The user MUST have the email address set in the SSO provider as it's required by Buddy for identification.
Sign in to your Buddy workspace as an administrator, go to Workspace Settings → SSO, and switch to Open ID connect → Custom.
Alternatively, use these links for cloud and self-hosted versions:
https://app.buddy.works.com/WORKSPACE_URL_HANDLE/workspace/sso https://INSTANCE_URL/WORKSPACE_URL_HANDLE/workspace/sso
- In another tab, sign in to your OIDC provider and create a new app.
Configure the application details:
- copy and paste the Callback URL from Buddy as callback/redirection URI/URL
- make sure to set the email address as the sign-in/register method
Once configured, find these values in the application and set them in Buddy:
- Client ID
- Client secret
- Issuer URL
Image loading...Workspace SSO configuration
- Click Test configuration and enable the SSO on success. Buddy will redirect you to the SSO provider's login page.
- Sign in to authenticate and enable SSO in your workspace.
Warning
If Buddy is unable to connect to the identity provider, make sure that both the signature and the digest methods match those used by the provider (some providers do not use the most popular RSA-SHA256 / SHA256 methods).
Last update:
Sep 23, 2024
Sep 23, 2024