Requirements
To follow the steps in this guide, you’ll need:
- To have OIDC authentication enabled in your Omni instance. Reach out to Omni support to have this feature enabled.
- Omni Organization Admin permissions
- Access to your OIDC identity provider with permissions to:
  - Create or configure applications
  - Access client credentials and discovery endpoints
Limitations
User sessions will expire after 24 hours. This is not currently configurable.
Setup
Retrieve OIDC provider details
In your OIDC identity provider, obtain the following information:
- Issuer URL - The issuer URL of your OIDC server
- Client ID - The unique identifier for your Omni application
- Client Secret - The secret key for authenticating your application
The exact steps to obtain these values will vary depending on your identity provider. Consult your provider’s documentation for specific instructions on creating an OIDC application.
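A pre-flight check for the Issuer URL, as an added example that is not part of Omni's documentation or code: it compares the issuer you plan to paste against the provider's discovery document. It assumes the provider follows OpenID Connect Discovery 1.0; `idp.example.com`, the function names and both sample documents are constructed for illustration.

```python
from urllib.parse import urlsplit

# Metadata fields this check expects the provider to publish.
REQUIRED = ("issuer", "authorization_endpoint", "token_endpoint", "jwks_uri")

def discovery_url(issuer):
    """Where OpenID Connect Discovery 1.0 places the provider metadata."""
    return issuer.rstrip("/") + "/.well-known/openid-configuration"

def check_discovery(issuer, doc):
    """Return a list of problems; an empty list means the values are consistent."""
    problems = [f"missing {key}" for key in REQUIRED if not doc.get(key)]
    # Discovery requires an exact string match: a trailing slash or a different
    # host means ID tokens carry an `iss` value the relying party does not expect.
    if doc.get("issuer") and doc["issuer"] != issuer:
        problems.append(f"issuer mismatch: {doc['issuer']!r} != {issuer!r}")
    for key in REQUIRED:
        value = doc.get(key)
        if value and urlsplit(value).scheme != "https":
            problems.append(f"{key} is not https")
    # Assumption: the relying party uses the authorization code flow, which is
    # what a client secret plus a redirect URI normally implies.
    if "code" not in doc.get("response_types_supported", []):
        problems.append("authorization code flow not advertised")
    return problems

# Constructed sample data: in practice, fetch discovery_url(ISSUER) and parse the JSON.
ISSUER = "https://idp.example.com"
GOOD_DOC = {
    "issuer": "https://idp.example.com",
    "authorization_endpoint": "https://idp.example.com/authorize",
    "token_endpoint": "https://idp.example.com/token",
    "jwks_uri": "https://idp.example.com/jwks",
    "response_types_supported": ["code"],
}
BAD_DOC = {
    "issuer": "https://idp.example.com/",            # trailing slash
    "authorization_endpoint": "https://idp.example.com/authorize",
    "token_endpoint": "http://idp.example.com/token",  # plain http
    "response_types_supported": ["code"],            # jwks_uri absent
}

if __name__ == "__main__":
    print(discovery_url(ISSUER))
    for name, doc in (("good", GOOD_DOC), ("bad", BAD_DOC)):
        print(name, check_discovery(ISSUER, doc))
```
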
Configure redirect URI in your identity provider
In your OIDC identity provider’s application settings, you’ll need to configure the Redirect URI (also called Callback URL).
The redirect URI should be in the following format:
For example, if you log in to https://blobsrus.omniapp.co, your redirect URI would be:
Configure Omni authentication settings
In Omni, navigate to Settings > Authentication > OIDC Configuration to complete the setup:
- Display name - Enter a name, for example Blobs R Us auth
- Issuer URL - Paste the issuer URL from your OIDC provider.
- Client ID - Copy and paste the Client ID from your OIDC provider
- Client Secret - Copy and paste the Client Secret from your OIDC provider
- Automatically provision new users on first login from this OIDC provider - Toggle this setting to on if you want to provision users only when they first access Omni
- Enable OIDC for users - Toggle this setting to on to enable OIDC authentication
Test the setup
Test your OIDC setup by logging out of Omni. On the Omni login page, you should see a Log in with OIDC button. Click the button to log in using OIDC.
If the setup is successful, you can proceed to assign the application to other users in your organization through your identity provider.