This feature allows you to register providers that will be used to log in to Identity. You can register providers such as Google, Facebook, Linkedin, or others, so that authentication occurs through users' accounts in these applications.
You may create the user when you first login, but the company administration can still create users in the Users menu as usual.
01. Click the 
Settings icon in the upper-right corner and click the Security option.
02. In the left menu, activate the Provider Registration option.
Click this option to display a list with the providers registered in the company. You can copy the link from the provider's URL, edit the provider, or delete it if necessary.
01. Click the Settings icon in the upper-right corner and click the Security option.
02. In the left menu, activate the Provider Registration option.
03. Click the Register new provider button
04. In the Provider step, add the required information.
Provider
The provider options are: Google, Facebook, or LinkedIn (not generic), or generic (custom server).
Provider Name
Name to be displayed on the login screen.
If you add a non-generic provider, the following fields are required:
Application Identifier in Provider (ClientId)
ClientId is the provider identifier generated on Linkedin, Facebook, or Google.
Application Password in Provider (ClientSecret)
ClientId is the password generated by the provider itself.
Self-registration
Enter whether you can create the user at first login, or whether only users created via the Users menu will be able to authenticate.
If you add a generic provider, complete the following steps.
05. Click Save to complete the registration of the non-generic provider, or click Next to proceed with the registration of the generic provider.
06. In the Application Data step, add the required information and click Next.
Application Identifier in Provider (ClientId)
ClientId is the provider identifier you want to use.
Application Password in Provider (ClientSecret)
ClientId is the password generated by the provider itself.
Self-registration
Enter whether you can create the user at first login, or whether only users created via the Users menu will be able to authenticate.
Scopes
Scopes are routes that providers use, for example: e-mail address, username. Each provider has its own scope and usually documents this so that the user can consult it when registering.
TIP!
When logging in, you can see the request coming from your provider by looking at F12 on your browser, so you can get the exact parameters you need to fill in.
07. In the Protocol Information step, add the required information and click Next.
Protocol type
It can be OIDC or OAUTH2. If it is OAUTH2, you need to register the URI with the user information by the provider.
Flow used for authentication (GrantType)
It can be Authorize or Implicit. By default, providers use Authorize, more specific cases use Implicit, but in this case, it needs to be indicated in the provider's documentation.
08. In the Provider endpoints step, add the required information and click Next.
Get User Information from ISP
When this option is checked, it always calls the provider's /me, even though it is OIDC.
Auth URL
Primary address to initiate authorization.
URI of token exchange with Provider (TokenURI)
It is the address to exchange the code for an access token (internally).
URI with Provider certificates (JWKS)
Certificate providing URI.
URI with user information by Provider
It's the /me address. Required when there is no such information coming from the IDToken (when the flow occurs through OAuth2 without OIDC).
URI with user's e-mail
This field is only required in a very specific case when the email is not in the profile.
09. In the Authentication search information step, add the required information and click Next.
Provider parameter that contains the Token ID or Access Token
Provider parameter with Access Token
If there is already a Token ID in the request and accessToken is still required for any call to the provider.
Variable with user name
Contained in the Token ID or /me response.
Variable with user's last name
Contained in the Token ID or /me response.
Variable with full user name
Contained in the Token ID or /me response.
Full name ID
If the Token ID or /me only contains the variable that contains the FullName, without the FirstName and LastName.
User e-mail
If the e-mail is not contained in the Token ID or /me response.
10. In the Security Validators step, include the required information.
Default token issuer
Token issuer. Value set by the provider.
Default token receiver
Token recipient, usually populated with the ClientId of the application in the provider.
11. Click Save to complete the provider registration.
After adding the new provider, the Identity login screen displays a button with the provider's name, allowing authentication with the user's account in the configured application.
01. Click the Settings icon in the upper right corner and click Security.
02. In the left menu, select Provider Registration.
03. Locate the provider that should receive the logo image and click the Add logo 
button .
A screen opens for file selection. The image must comply with the supported format (png) and maximum size (1MB) specifications displayed onscreen. The image size is 50 x 50 pixels. If a logo is already defined for the provider, the corresponding image is displayed.
04. Make the adjustments needed to display the image as desired.
The buttons 
and 
rotate the image. The buttons 
and 
mirror the image. You can also select the part that should be displayed.
05. Click Save to save the logo image.
It may take a few minutes for the new logo to update on the login screen.
01. Click the Settings icon in the upper right corner and click the Security option.
02. In the left menu, activate the Provider Registration option.
03. Locate the provider you want to edit and click the 
Edit environment.
The target provider data will open so you can query and edit the information.
For generic providers, the information to be changed is the same as the provider registration, in accordance with the Register provider item in this documentation.
Attention!
In provider editing, fill out only the Change password field if you need to change the application password in the social login provider.
For non-generic providers (Google, Facebook or Linkedin), you can only change the ClientId and ClientSecret.
04. Click Save to save changes.
01. Click the Settings iconn the upper-right corner and click the Security option.
03. Locate the provider the link of which you want to copy and click the 
Copy URL button.
When clicking this button, the link to access the provider is copied to the clipboard, so that the registration with the provider can be performed.
Click this button to copy the provider's access link to the clipboard and register it in the provider.
01. Click the Settings icon in the upper right corner and click the Security option.
02. In the left menu, activate the Provider Registration option.
03. Locate the provider the link of which you want to delete and click the 
Delete environment button.
After deleting the provider, the button with the provider name is deleted from the Identity login screen.