User claim mapping - OpenID Connect SSO Solutions Technical Guide - Foundation 24.1 - Foundation 24.1 - Ready - Perceptive Content - external

OpenID Connect SSO Solutions Technical Guide

Platform
Perceptive Content
Product
OpenID Connect SSO Solutions Technical Guide
Release
Foundation 24.1
License

To make use of the claims returned by the OpenID Provider, Perceptive Content needs to know which claim returns values that are a one-to-one mapping to Perceptive Content usernames. Therefore, when configuring Perceptive Content Server for OpenID Connect, one of the required settings is the user.claim setting, from which Perceptive Content Server can map values of a claim to usernames in its database. The exact claim that should be chosen for this setting depends on which scopes and claims are supported by the OpenID Provider.

When integrating with the Hyland Identity Provider, the claim that works best for Perceptive Content is the username claim which is exposed when the profile.onbase scope is requested. In this configuration, the profile and profile.onbase scopes must be allowed by the client, and the scope setting in Integration Server must include both openid and profile.onbase. You can find more information about the Hyland Identity Provider on Hyland Community.