Add Identity Providers

Before you add an identity provider, you must register Paragon Automation with the identity provider. While registering, you must provide the URL where you will host Paragon Automation; see Configure Portal Settings.

To add an identity provider to Paragon Automation, you will need the following information from the identity provider:

  • The link to the authentication server of the identity provider (known as issuer).

  • Client ID and Client secret.

    The client ID and client secret details are provided by the identity provider when you register with them.

Paragon Automation Release 21.2 allows you to add OpenID Connect (Anuta ATOM) and Google as identity providers.

To add an identity provider:

  1. Select Administration > Authentication > Identity Providers on the left navigation menu.

    The Identity Providers page appears. If there are no identity providers added, the Identity Providers page has the Add Identity Provider button to add an identity provider. If an identity provider is already added, the page lists the details of the identity provider in tabular format.

  2. If you are adding an identity provider for the first time, click Add Identity Provider; otherwise, click the Add (+) icon.

    The Create Identity Provider page appears.

  3. Enter values as described in Table 1.
    Note:

    Fields marked with * are mandatory.

  4. Click OK.

    A confirmation message appears indicating that the identity provider is added successfully and the identity provider is listed on the Identity Providers page.

Table 1 displays the fields on the Add Identity Providers page.

Table 1: Fields on the Add Identity Providers Page
Field Description

Type

Select the type of identity provider—OpenID Connect or Google.

To add Anuta ATOM as your identity provider, use OpenID Connect.

Name

Enter a name for the identity provider.

The name can be a string of alphanumeric characters and some special characters (hyphen and underscore); 32 characters maximum.

Issuer

Enter the URL that uniquely identifies your OIDC identity provider. You can get this URL from the OIDC well-known configuration endpoint.

For example: https://<sso-server-address>.com/.well-known/openid-configuration

Note:

For Anuta ATOM, enter https://<ATOM-PrimaryIP>/auth/realms/system.

(Optional) Click Test Connection to verify whether you are able to connect to the issuer.

Status

Click to enable (default) or disable user login with the credentials of the identity provider account.

Client ID

A unique ID for Paragon Automation in the identity provider. This information is provided by the identity provider.

Note:

For Anuta ATOM, the client ID is derived from the ATOM Keycloak UI.

Client Secret

A secret generated for authenticating requests from Paragon Automation. This is generated by the identity provider.

Note:

For Anuta ATOM, the client secret is derived from the ATOM Keycloak UI.

Authorized Redirect URI

A valid URI pattern that a browser can redirect to after a successful login or logout from Paragon Automation.

The value is https://<portal-ip-address>/oidc/redirect/callback, where portal-ip-address is the IP address used to access the Paragon Automation GUI.

You cannot edit this field.

Roles

Assign the roles that a user who logs in with the credentials of the identity provider can take.
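
The Issuer and Authorized Redirect URI fields can be sanity-checked before you fill in the form. The following is an added example, not Juniper code: it checks an issuer against a discovery document under standard OIDC Discovery rules and builds the redirect URI to register with the provider. The host idp.example.test, the address 192.0.2.10, the function names and the sample document are constructed assumptions.

```python
import json
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"

# Constructed sample discovery document (not taken from a real provider).
SAMPLE_DISCOVERY = json.loads("""{
  "issuer": "https://idp.example.test/auth/realms/system",
  "authorization_endpoint": "https://idp.example.test/auth/realms/system/protocol/openid-connect/auth",
  "token_endpoint": "https://idp.example.test/auth/realms/system/protocol/openid-connect/token",
  "jwks_uri": "https://idp.example.test/auth/realms/system/protocol/openid-connect/certs"
}""")

def discovery_url(issuer):
    """Well-known configuration URL for an issuer (trailing slash removed first)."""
    return issuer.rstrip("/") + WELL_KNOWN

def redirect_uri(portal_ip):
    """Authorized Redirect URI in the form given in Table 1."""
    return f"https://{portal_ip}/oidc/redirect/callback"

def check_issuer(configured, doc):
    """Return a list of problems; an empty list means the issuer checks out."""
    problems = []
    if configured.endswith(WELL_KNOWN):
        problems.append("configured value is the discovery URL, not the issuer")
    parts = urlsplit(configured)
    if parts.scheme != "https" or not parts.netloc:
        problems.append("issuer must be an https URL with a host")
    if parts.query or parts.fragment:
        problems.append("issuer must not contain a query or fragment")
    # The document's issuer must equal the configured value exactly; otherwise
    # the 'iss' claim in ID tokens from this provider will not validate.
    if doc.get("issuer") != configured:
        problems.append(f"issuer mismatch: document says {doc.get('issuer')!r}")
    # Endpoints used by the authorization code flow must be present and https.
    for key in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        value = doc.get(key)
        if not value:
            problems.append(f"missing {key}")
        elif urlsplit(value).scheme != "https":
            problems.append(f"{key} is not https")
    return problems

if __name__ == "__main__":
    issuer = "https://idp.example.test/auth/realms/system"
    print(discovery_url(issuer))
    print(redirect_uri("192.0.2.10"))
    print(check_issuer(issuer, SAMPLE_DISCOVERY) or "issuer OK")
```

An issuer that differs from the document's value by even a trailing slash is reported as a mismatch, which is the same comparison a relying party applies to the iss claim at login.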