Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


Add Anuta ATOM as an Identity Provider

Before you add Anuta ATOM as an identity provider for single sign-on, you must register Paragon Automation in Keycloak that ATOM uses for authentication. While registering with Keycloak, you must provide the URL to access Paragon Automation portal.

To add ATOM as an identity provider in Paragon Automation, you will need values for Paragon Automation client ID and client secret from Keycloak. The client ID and client secret values are generated in Keycloak when Paragon Automation is registered with Keycloak; see Register Paragon Automation with Keycloak.

To add ATOM as an identity provider in Paragon Automation:

  1. Select Administration > Authentication > Identity Providers on the left navigation menu.

    The Identity Providers page appears. If no identity provider is already configured, the Identity Providers page has the Add Identity Provider button to add an identity provider. If an identity provider is already added, the page lists the configured identity providers.

  2. Click Add Identity Provider if adding an identity provider for the first time or else, click the Add (+) icon.

    The Create Identity Provider page appears.

  3. Enter values as described in Table 1.

    Fields marked with * are mandatory.

  4. Click OK.

    A confirmation message appears indicating that the identity provider is added successfully and the identity provider is listed on the Identity Providers page.

Table 1 displays the fields on the Add Identity Providers page.

Table 1: Fields on the Add Identity Providers Page
Field Description


Select OpenIDConnect as type of the identity provider.


Enter a name for the identity provider.

For example, ATOM

The name can be a string of alphanumeric characters and some special characters (hyphen and underscore); 32 characters maximum.


Enter the URL in the form https://<atom-vip:443/auth/realms/system.


If using ATOM version 11.0 or earlier, use https://atom-primary-ipv4-address:32443/auth/realms/system.

If using ATOM version 11.1 or later, you can either use https://atom-primary-ipv4-address:32443/auth/realms/system or https://atom-vip:443/auth/realms/system.

(Optional) Click Test Connection to verify whether you are able to connect to the issuer.


If not already enabled, click this toggle button to allow users to log in to Paragon Automation by using ATOM credentials (single sign-on).

Client ID

The unique ID for the Paragon Automation client in the Keycloak. This information is derived from the Keycloak UI.

For example: paragon-automation

Client Secret

A secret generated for authenticating requests from Paragon Automation. This information is derived from the Keycloak UI.

The secret can be in the format xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx for the client ID, where x is an alphanumeric character.

Authorized Redirect URI

A valid Uniform Resource Indicator (URI) pattern that a browser can redirect a user to after a successful login or logout from Paragon Automation.

The value is https://portal Ip address/oidc/redirect/callback; where, portal ip address is the IP address to access the Paragon Automation GUI.

You cannot edit this field.


Assign roles that a user, logging by using single sign-on, can be assigned.