> For the complete documentation index, see [llms.txt](https://docs.openg2p.org/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.openg2p.org/1.3/social-registry/features/id-integration/id-authentication/user-guides/configure-esignet-auth-provider-for-id-authentication.md). # Configure eSignet Auth Provider for ID Authentication This document provides instructions on how to configure eSignet Authentication Provider in PBMS to help the end-users to utilise the eSignet option to log into PBMS. ## Prerequisites * Create an eSignet client for PBMS/Social Registry as given in eSignet Client Creation guide. * Create a public key and a private key JWKS pair. Use the public key JWK during eSignet creation and keep the private key JWK. * Allowed redirect URIs of the client must contain `https://socialregistry.your.org/auth_oauth/g2p_registry_id/authenticate` * Create two ID types on the Registry such as `NATIONAL ID` and `NATIONAL ID TOKEN`. To configure ID types refer the [Configure ID Types](/1.3/pbms/functionality/beneficiary-management/beneficiary-registry-configurations/user-guides/configure-id-types.md) documentation. * Install the [OpenID Connect Authentication](/1.3/pbms/developer-zone/odoo-modules/openid-connect-authentication.md) and [G2P Auth: OIDC - Reg ID](/1.3/pbms/developer-zone/odoo-modules/authentication-oidc-reg-id.md) module. ## Procedure 1. Click the main menu icon ![](/files/jsRVDffM09VtGFJaNGuN) and select ***Settings***.
The ***Settings*** screen is displayed. 2. Select the tab ***Users & Companies***, and click the option ***OAUTH Providers***.
***Providers*** screen is displayed.
3. Click the ***New*** button. ***Providers New*** screen is displayed.
4. Enter the values in the respective fields. For example, the fields, their descriptions, and sample values are given below.
FeatureDescriptionValue
Provider nameEnter the provider name.For example: eSignet for beneficiary portal
Auth FlowSelect the option OpenID Connect Authorization Code Flow from the drop-down.
Token MapYou can find a default value. In the default value replace sub: user_id with individual_id: user_id.
Client ID

The ID of the eSignet client.

To learn more refer to eSignet Client Creation.

Client Authentication MethodSelect the option Private Key JWT from the drop-down.
Client Private KeyThe Client Private Key of the eSignet client. To learn more, refer to eSignet Client Creation.
AllowedUncheck the box.
Allowed in Self Service PortalUncheck the box.
Allowed in Service Provider PortalUncheck the box.
Login button labelEnter the label name for the eSignet Login button.

For example: Login with eSignet.

Note: This text with the button name will appear on login page.

Authorization URL, Userinfo URL, Token Endpoint, JWKS URLThese are to be configured as available in the well-known config of eSignet.
Verify Access Token HashCheck the box to enable the option Verify Access Token.
Allow SignupSelect the option Denies user signup (invitation only) from the drop-down.
Sync User GroupsSelect the option Never from the drop-down.
G2P REG ID SETTINGS
G2P Registrant ID TypeEnter the configured ID typeFor example: NATIONAL ID.
Note: The rest of the fields have the default values. 5. Click the icon ![](/files/pZu5xkgY6CYC21p7tlxw) to save the changes. This completes the process of configuring the ***eSignet Authentication Provider*** in SR. To know the process on authenticate an individual, refer [ID Authentication Process](/1.3/social-registry/features/id-integration/id-authentication/user-guides/id-authentication-process.md) documentation. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.openg2p.org/1.3/social-registry/features/id-integration/id-authentication/user-guides/configure-esignet-auth-provider-for-id-authentication.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.