Getting started with OpenID connect¶
The dashboard allows developers to register and manage applications.
- Developer Dashboard – self service interface for registering applications and APIs.
The other Feide for OIDC/OAuth interface is important to application developers as well to better understand and explore the platform:
- Min Side – end user administration of issued authorizations and ad hoc groups
Authentication in Feide can be done using OpenID Connect or SAML. OpenID Connect (OIDC) is the standard for identity verification on top of OAuth 2.0 token based authorization, and is widely used on the web. With OIDC, the application gets verified information about the user’s identity as well as an access token which it can use to access a set of APIs.
There is also a legacy userinfo API in Feide that does not conform to OIDC, but also provides verified identity information.
Setting up your application¶
On the dashboard you will get details and credentials to set up your application as an OpenID Connect (OIDC) relying party.
If your client already supports OIDC or OAuth 2.0, remaining work may just be some simple configuration.
Otherwise, here is more information about how to use OIDC with Feide:
- OpenID Connect and authentication
- OpenID Connect details
- Details about obtaining a token with Feide
- Legacy Dataporten userinfo endpoint
In the dashboard you can configure which login providers you will enable for the end users. Your configuration here will be reflected in the available login options for the end users during login.
Using the Groups API¶
When your application is given a valid access token with the group scope, you will be able to access the groups API to get information about the current group relations for the current user.
Using third party APIs¶
An important feature of Feide is the possibility to do access control on APIs through the platform.
Uninett has an agreement with FSAT regarding access to data from FS:
- Group data from FS is already accessible through the groups API (mentioned above).
- An API returning information about whether a student has paid his semester is accessible as a third party API.
- API returning information about alumni are available for several organizations.
We hope to be able to expose a large library of APIs with data sources for new services in the education sector.