Managing OpenID Connect applications#

After registered the service you can add OAuth details to configure the service by clicking “Add OIDC-configuration” under the tab configurations.

Screenshot of configuration tab when registering a new service

Screenshot of configuration tab when registering a new service

Redirect URL after login is the URL where the client is redirected back to after authentication. This should be available in the documentation of the software you are about to install. The Redirect URI can be changed later.

Read more in our technical specification about Feide and OIDC/OAuth.

Redirect URL after logout is the URL to control where the user is redirected after logging out. The application must also include the URI in the logout request. Read more her

Screenshot of adding redirect URI for OIDC-configuration

Screenshot of adding redirect URI for OIDC-configuration

For service that have multiple configurations like needs separate configurations for each organization with access to the service you can enter different name for the configuration to separate multiple configurations in the field “Configuration name”. The name will be displayed when logging in to the configuration as follows: “You must log in via Feide to access <service name> - <configuration name>”.

Screenshot of adding name for OIDC-configuration

Screenshot of adding name for OIDC-configuration

In the field “Configuration login page” you can add URL for the configuration login page. This is practical for services with multiple configurations and have separate login pages for each host organization.

Screenshot of adding login page for OIDC-configuration

Screenshot of adding login page for OIDC-configuration

Restricting access#

If you have multiple configurations for the service, where only one organization should be able to use this instance, you can configure this using the “Restrict login to selected organizations”-checkbox. This means that only host organizations that are added for the configuration appear as a login option in Feide for the configuration even if they have activated the service. If you choose to use the option to restrict login to selected organizations, you need to keep an eye on who has access for each configuration so it’s up to date.

Screenshot of restrict login to the configuration

Screenshot of restrict login to the configuration

Test users#

The “Test users” section allows you to enable login with Feide test users. For more information about the test users, including how to access them, see our documentation about test users.

Screenshot of enabling Feide test users for OIDC-configuration

Once you have enabled a group of test users, you can log in by selecting either “Feide test users” (“Feide testbrukere”) or “Feide service providers” (“Feide tjenesteleverandører”) on the login page. See “logging in using test users” for more details.

Note

Remember to deactivate test users for your production service when you are not using them. The test users are publicly known, so others may be able to use the test users to access your service.

Allow other login methods#

With OpenID Connect services using Feide can enable a variety of login providers. In addition to allowing login for users from Norwegian educational institution, you can also allow users to login using ID-porten, eduGAIN and more.

See the login providers overview for more details.

Using third-party data sources#

Feide allows institutions and data owners to make available new datasets that will be very easy to use for application developers.

If you are interested in setting up your own data source:

Data sharing

The available data sources are shown in the “data sources” tab in the customer portal.

Screenshot from customer portal showing available third-party data sources

Screenshot from customer portal showing available third-party data sources#

Data sources that you have made available yourself will be visible in the “Provided by <your organization> tab, while all others will will be available in the “All data sources” tab.

Some data sources may be made available instantly without moderation, while others may require moderation.