Add an Incoming OpenID Connect Adapter
OIDC is an authentication protocol that builds on the OAuth 2.0 framework to provide a simple and standardized way to verify the identity of users based on the authentication performed by an authentication server. You may need to refer to your OIDC provider's documentation to obtain the values required for the fields in the following procedure.
Configure the UAS Settings
First, make sure you have an outbound SAML adapter configured. Then on the UAS Settings screen, select Add Authentication Adapter. Fill out the fields as follows:
Field | Description |
|---|---|
Alias | This is a unique name for the adapter and is used in URLs. The alias will be stored as all lowercase letters and should not contain any special URL characters. |
Enabled | This toggle determines whether the adapter is available for use. |
Auth Type | OIDC |
Use Outbound Adapter | Select the authentication adapter which will be used for outbound authentication to the external service. If you do not select one, the default outbound adapter will be used. |
Debug Enabled | This toggle determines whether debug statements are written to the logs for troubleshooting purposes. |
Client ID | Enter the Client ID for the API Provider. |
Client Secret | Enter the Client Secret for the API Provider. |
API Base URL | Enter the Base URL for the OIDC Provider’s API Services. |
Login API Path | Enter the path needed to initiate the login process. |
Scope | Enter the scopes or permissions required for the API. Typical values or "read" or "openid". |
Token API Path | Enter the path to call the Token API. |
User API Path | Enter the path to call the User API service. The username can be injected into a token value for the URL using {username}. |
Username Property | Enter the property that UAS will utilize to match the Blackboard Username or Batch UID. This is the property in the returned JSON response of the User API service which corresponds to a user's username. The value of this property is used to log the user into the target system. |
Select Save to save your configuration.
The URL for the configured adapter is https://{region}.extensions.blackboard.com/api/v2/authadapters/sites/{siteId}/auth/{alias}.