OIDC / OAuth third-party applications
Logto is an identity service built on the OpenID Connect (OIDC) protocol, providing both authentication and authorization capabilities. This makes integrating an OIDC third-party app as straightforward as integrating a traditional web application.
Because OIDC builds upon OAuth 2.0 by adding an authentication layer, you can also integrate a third-party app using the OAuth protocol.
Set up the OIDC configurations
Before setting up the OIDC configurations, please ensure you've created an OIDC third-party application.
- Provide the redirect URI of your OIDC third-party application. This is the URL that the third-party application will redirect users to after they are authenticated by Logto. You can usually find this information in the third-party application's IdP connection settings page.
- Retrieve the client ID and client secret from the Logto application details page and enter them into your service provider's IdP connection settings page.
- Retrieve the authorization endpoint and token endpoint from the Logto application details page and provide them to your service provider. If your service provider supports OIDC discovery, you can simply copy the discovery endpoint from the Logto application details page and provide it to your service provider. The service provider will then be able to retrieve all the up-to-date OIDC authentication information from the discovery endpoint automatically. Otherwise, click on the Show endpoint details button to view all the OIDC authentication endpoints.
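The checks a service provider would typically apply to the discovery document before storing the endpoints from the steps above, as an added example (not Logto's or any service provider's own code). The host `tenant.example`, the endpoint paths, and the function name `load_provider_config` are assumptions made for illustration.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
ENDPOINT_KEYS = ("authorization_endpoint", "token_endpoint", "jwks_uri")

# Constructed sample of a discovery response; host and paths are placeholders.
SAMPLE_DISCOVERY = json.loads("""
{
  "issuer": "https://tenant.example/oidc",
  "authorization_endpoint": "https://tenant.example/oidc/auth",
  "token_endpoint": "https://tenant.example/oidc/token",
  "jwks_uri": "https://tenant.example/oidc/jwks"
}
""")


def load_provider_config(discovery_url, document):
    """Validate a discovery document and return the values an SP stores."""
    if not discovery_url.endswith(WELL_KNOWN):
        raise ValueError("not an OIDC discovery URL")
    expected_issuer = discovery_url[: -len(WELL_KNOWN)]

    missing = [k for k in ("issuer", *ENDPOINT_KEYS) if not document.get(k)]
    if missing:
        raise ValueError(f"missing metadata: {', '.join(missing)}")

    # OIDC Discovery: the issuer must equal the URL the document was fetched
    # from, minus the well-known suffix. A mismatch means the metadata
    # describes a different provider than the one that was configured.
    if document["issuer"] != expected_issuer:
        raise ValueError(f"issuer mismatch: {document['issuer']!r}")

    # Tokens and client secrets travel to these URLs, so require https.
    for key in ENDPOINT_KEYS:
        parts = urlsplit(document[key])
        if parts.scheme != "https" or not parts.hostname or parts.fragment:
            raise ValueError(f"{key} is not a valid https URL")

    return {k: document[k] for k in ("issuer", *ENDPOINT_KEYS)}


if __name__ == "__main__":
    url = "https://tenant.example/oidc" + WELL_KNOWN
    print(load_provider_config(url, SAMPLE_DISCOVERY))
```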
Consent screen for OIDC third-party applications
For security reasons, users of all OIDC third-party applications are redirected to a consent screen for user authorization after they are authenticated by Logto.
All the user profile permissions, API resource scopes, organization permissions, and organization membership information requested by the third-party application are displayed on the consent screen.
These requested permissions will be granted to the third-party applications only after the user clicks on the "Authorize" button.
Further actions
Learn how to manage permissions for your OIDC third-party application.
Personalize the consent screen appearance to match your brand identity and provide a consistent user experience.
Related resources
Using Logto as a third-party identity provider (IdP)