Key Concepts
Authentication Type – OIDC (OpenID Connect):
A standardized identity layer on top of OAuth 2.0 that verifies users and fetches profile information securely.
Identity Provider Type – Own:
Use this when connecting to your company's own IdP. This is suitable for internal user authentication.
Redirect URL:
The endpoint to which the user is redirected after successful authentication. This must be registered in your IdP (no wildcard allowed).
Metadata URL:
Provides your IdP's configuration (including public keys and endpoints). Must end with:
/.well-known/openid-configuration
Identity Provider (IdP):
A system (e.g., Azure, Keycloak) responsible for authenticating users.
IdP Data:
Includes credentials, roles, and permissions used to enforce secure access.
Provider ID:
A unique user ID from your IdP system. Example: Azure sub-ID or Keycloak user ID.
Configure Your Identity Provider (IdP)
This involves entering your Metadata URL, Client ID, and Client Secret, which are critical for authenticating your users.
Navigate to Technical Setup → Identity Provider Configuration → Add Identity Provider
Select:
Authentication Type: OIDC
Identity Provider Type: Own
After creating the IdP entry, you need to configure the connection details to your company IdP.
Provide:
Your Metadata URL
Your Client ID and Client Secret from your OpenID instance (Azure, Keycloak, etc.)
Register the redirect URL in your OpenID instance (without the wildcard)
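Before entering these values, it helps to sanity-check them against the rules above: the Metadata URL suffix, the fields OpenID Connect Discovery requires, and a redirect URL with no wildcard. The following Python check is an added example, not Cofinity-X portal code; the function name, the sample URLs, and the sample metadata document are constructed placeholders.

```python
from urllib.parse import urlsplit

SUFFIX = "/.well-known/openid-configuration"
# Fields that OpenID Connect Discovery 1.0 marks as REQUIRED in the metadata document.
REQUIRED = ("issuer", "authorization_endpoint", "jwks_uri",
            "response_types_supported", "subject_types_supported",
            "id_token_signing_alg_values_supported")

def check_idp_settings(metadata_url, metadata, redirect_url):
    """Return a list of problems; an empty list means the values look sane."""
    problems = []
    if urlsplit(metadata_url).scheme != "https":
        problems.append("metadata URL is not https")
    if not metadata_url.endswith(SUFFIX):
        problems.append("metadata URL does not end with " + SUFFIX)
    else:
        # Discovery requires the issuer to equal the metadata URL minus the
        # suffix; a mismatch means the document describes another IdP or tenant.
        if metadata.get("issuer") != metadata_url[:-len(SUFFIX)]:
            problems.append("issuer does not match metadata URL")
    for field in REQUIRED:
        if field not in metadata:
            problems.append("metadata is missing " + field)
    # Signing keys and endpoints must be served over TLS as well.
    for field in ("authorization_endpoint", "token_endpoint", "jwks_uri"):
        value = metadata.get(field)
        if value and urlsplit(value).scheme != "https":
            problems.append(field + " is not https")
    if "*" in redirect_url:
        problems.append("redirect URL contains a wildcard")
    redirect = urlsplit(redirect_url)
    if redirect.scheme != "https" or not redirect.netloc:
        problems.append("redirect URL is not an absolute https URL")
    return problems

# Constructed sample values (placeholders, not real Cofinity-X or IdP endpoints).
SAMPLE_URL = "https://idp.example.com/realms/demo" + SUFFIX
SAMPLE_METADATA = {
    "issuer": "https://idp.example.com/realms/demo",
    "authorization_endpoint": "https://idp.example.com/realms/demo/auth",
    "token_endpoint": "https://idp.example.com/realms/demo/token",
    "jwks_uri": "https://idp.example.com/realms/demo/certs",
    "response_types_supported": ["code"],
    "subject_types_supported": ["public"],
    "id_token_signing_alg_values_supported": ["RS256"],
}
SAMPLE_REDIRECT = "https://portal.example.com/auth/callback"

if __name__ == "__main__":
    for problem in check_idp_settings(SAMPLE_URL, SAMPLE_METADATA, SAMPLE_REDIRECT):
        print(problem)
```

In practice, pass in the JSON document fetched from your own Metadata URL in place of the sample dictionary.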
Last Step: Connect Your User Profile
You need to link your Cofinity-X user account to your IdP by entering your IdP User ID (also referred to as Provider ID in Azure).
Retrieving the Provider ID from Cofinity-X (Azure Example):
To retrieve your Provider ID from Cofinity-X:
Log out from your current account
Log in using your newly created IdP within the Cofinity-X Portal
Complete the Azure login if prompted
After successful login, a screen will display your username
→ This is your Provider ID.
Add Users Manually
Once your IdP is set up, you must manually add each user in User Management.
Note: Automatic role synchronization is not currently supported.
If you have any questions or require additional support, feel free to reach out to us at support@cofinity-x.com.