📔Configure eSignet Auth Provider for ID Authentication
Create an eSignet Client for PBMS/SR, if it doesn't exist.
Create a public key private key JWKS pair and use the public key JWK during eSignet client creation and keep the private key JWK.
Allowed redirect uris of the client should contain
https://socialregistry.your.org/auth_oauth/g2p_registry_id/confirm.
Create two ID Types on the Registry:
NATIONAL IDandNATIONAL ID TOKEN.Install the Authentication OIDC: Base, and Authentication OIDC: Reg ID module.
Create a new OAuth Provider in Odoo with the following values: (OAuth providers can be created from Odoo Settings (debug mode) -> Users & Companies -> OAuth Providers, or Odoo Settings -> General Settings -> Search for OAuth -> OAuth Providers)
Provider name: eSignet for ID Auth
Auth Flow: OIDC Authorization Code flow
Token Map: Leave the default and remove
groups:groups.Allowed: Off
If you want this provider to appear on any Portal but not on Odoo install the "G2P Portal Auth" module and allow this provider on the relevant portal from the same page.
Login Button Label:
Login with eSignet.Client Authenticate Method: Private Key JWT.
Client Id: from Step 1.
Client Private Key: Private key file in JWK Json format/PEM key format from Step 1.
Auth URL, Token URL, Userinfo URL, JWKS URL: these are to be configured as available in the well-known config of eSignet.
Allow Signup: Allows user signup.
Signup Default Groups:
User types/Portal.Sync User Groups: When user groups are reset.
G2P ID Type:
NATIONAL ID TOKEN.For the rest of the fields, leave default values.
Navigate to Registry -> Configuration -> ID Types: against the
NATIONAL IDid type, configure the Auth OAuth Provider as the one created in Step 4.Navigate to Registry and open a record that contains
NATIONAL IDID and the authentication status is "Not authenticated". Click on the "Authenticate" button. Wait for the popup to open, and proceed with eSignet auth.
Last updated
