Add Identity Providers

Before you add an identity provider, you must register Paragon Automation with the identity provider. When you register, you must provide the URL at which Paragon Automation is hosted; see Configure Portal Settings.

To add an identity provider to Paragon Automation, you will need the following information from the identity provider:

  • The link to the authentication server of the identity provider (known as issuer).

  • Client ID and Client secret.

    You obtain the client ID and client secret from the identity provider when you register Paragon Automation with it.

Paragon Automation allows you to add OpenID Connect (Anuta ATOM) and Google as identity providers.

To add an identity provider:

  1. Select Administration > Authentication > Identity Providers on the left navigation menu.

    The Identity Providers page appears. If no identity providers are configured, the Identity Providers page has the Add Identity Provider button to add an identity provider. If an identity provider is already added, the page lists the details of the identity provider in tabular format.

  2. Click Add Identity Provider if you are adding an identity provider for the first time; otherwise, click the Add (+) icon.

    The Add Identity Provider page appears.

  3. Enter values as described in Table 1.

    Note:

    Fields marked with * are mandatory.

  4. Click OK.

    A confirmation message appears indicating that the identity provider is added successfully and the identity provider is listed on the Identity Providers page.

Table 1 displays the fields on the Add Identity Providers page.

Table 1: Fields on the Add Identity Providers Page
Field Description

Type

Select the type of identity provider—OpenID Connect (OIDC) or Google.

To add Anuta ATOM as your identity provider, use OpenID Connect.

Name

Enter a name for the identity provider.

The name can be a string of alphanumeric characters and some special characters (hyphen and underscore); 32 characters maximum.

Issuer

Enter the URL that uniquely identifies your OIDC identity provider. You can get this URL from the OIDC well-known configuration endpoint.

For example: https://<sso-server-address>.com/.well-known/openid-configuration

Note:

For Anuta ATOM, enter https://<ATOM-PrimaryIP>/auth/realms/system.

(Optional) Click Test Connection to verify whether Paragon Automation can connect to the issuer. If Paragon Automation connects with the identity provider, a message indicating that the connection is successful is displayed.

Status

Click to enable (default) or disable user login with the credentials of the identity provider account.

Client Registration

Client ID

A unique ID for Paragon Automation in the identity provider. This information is provided by the identity provider.

Note:

For Anuta ATOM, the client ID is derived from the ATOM Keycloak UI.

Client Secret

A secret generated for authenticating requests from Paragon Automation. The secret is generated by the identity provider.

Note:

For Anuta ATOM, the client secret is derived from the ATOM Keycloak UI.

Authorized Redirect URI

A valid URI pattern that a browser can redirect to after a successful login or logout from Paragon Automation.

The value is https://<portal-ip-address>/oidc/redirect/callback, where <portal-ip-address> is the IP address used to access the Paragon Automation GUI.

You cannot edit this field.

Default Role Assignment

Roles

Assign the roles that a user who logs in by using the credentials of the identity provider can take. The left column lists the roles that can be assigned to users.

To assign roles, select the roles to be assigned in the left column and then click >. The selected roles are moved to the right column.

Users who log in by using the credentials of the identity provider can take the roles listed in the right column.
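
A pre-flight consistency check for the Name, Issuer and Authorized Redirect URI values in Table 1, as an added example that is not Juniper's or Paragon Automation's own code. The function names, sample addresses and Keycloak-style endpoint paths are constructed for illustration; the required-field list follows OpenID Connect Discovery 1.0.

```python
import re
from urllib.parse import urlsplit

# Metadata fields that OpenID Connect Discovery 1.0 marks REQUIRED.
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")
NAME_RE = re.compile(r"[A-Za-z0-9_-]{1,32}")  # Name rule from Table 1

def discovery_url(issuer):
    """Well-known configuration URL that belongs to an issuer."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def preflight(name, issuer, doc, registered_redirect, portal_ip):
    """Return a list of problems; an empty list means the values agree."""
    problems = []
    if not NAME_RE.fullmatch(name):
        problems.append("name: alphanumerics, '-' and '_' only, 32 characters maximum")
    parts = urlsplit(issuer)
    if parts.scheme != "https" or not parts.hostname or parts.query or parts.fragment:
        problems.append("issuer: must be an https URL without query or fragment")
    for key in REQUIRED:
        if key not in doc:
            problems.append(f"discovery: missing required field {key}")
    # Exact string match: a document naming another issuer describes another provider.
    if doc.get("issuer") != issuer:
        problems.append("discovery: issuer does not match the configured issuer")
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        if key in doc and urlsplit(doc[key]).scheme != "https":
            problems.append(f"discovery: {key} is not https")
    # The URI registered at the provider must equal the read-only value exactly.
    if registered_redirect != f"https://{portal_ip}/oidc/redirect/callback":
        problems.append("redirect: registered URI differs from the Authorized Redirect URI")
    return problems

# Constructed sample values (documentation-range IPs, Keycloak-style paths).
ISSUER = "https://192.0.2.10/auth/realms/system"
DOC = {
    "issuer": ISSUER,
    "authorization_endpoint": ISSUER + "/protocol/openid-connect/auth",
    "token_endpoint": ISSUER + "/protocol/openid-connect/token",
    "jwks_uri": ISSUER + "/protocol/openid-connect/certs",
    "response_types_supported": ["code"], "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}
REDIRECT = "https://198.51.100.20/oidc/redirect/callback"

if __name__ == "__main__":
    print(discovery_url(ISSUER), preflight("atom-sso", ISSUER, DOC, REDIRECT, "198.51.100.20"))
```

In practice, `doc` would be the JSON fetched from `discovery_url(issuer)` over a TLS connection with certificate verification left on.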