Overview
The OIDC Provider can be used to build a Mendix app that acts as an OpenID provider for other apps, providing a Single Sign-On (SSO) experience for the end-users of those applications. This app could also delegate authentication of end-users to another Identity provider (IdP), causing it to act as an IAM broker.
The module supports responsive browser-based applications and has been tested with applications that use the OIDC SSO module. This module can be used in Mendix version 9.22.0 and above.
The idea is that you set up a single Mendix app which uses the OIDC SSO module to authenticate end-users with your central IdP. The same app also acts as an OIDC provider for your other apps to use as the IdP for OIDC SSO. This means it is working as an IAM (Identity and Access Management) broker for authentication and, optionally, authorization. You can easily add or remove apps from the IAM Broker app within the Mendix ecosystem using an API without each app and relevant user roles having to be added to your central IdP. However, you retain all the benefits of your central IdP in controlling on- and offboarding of users.
If you would like to use the OIDC Provider module, please send an email to jaap.francke@mendix.com
Releases
Version: 4.2.0
Framework Version: 10.21.1
Release Notes: This version contains the following fixes/improvements/enhancements:
- Upgraded to Studio Pro version 10.21.1
- Configurable ‘after login’ page, using CustomRedirectLogicMicroflow constant
Version: 4.1.0
Framework Version: 10.12.10
Release Notes: This version contains the following fixes/improvements/enhancements:
- Fixed an issue which caused access tokens to be invalidated under rare conditions (Ticket #235539)
Version: 4.0.0
Framework Version: 10.12.10
Release Notes: This version contains the following fixes/improvements/enhancements:
- Version 4.0.0 for apps on Mendix 10.12.10 or higher
Version: 3.3.0
Framework Version: 9.24.18
Release Notes: This version contains the following fixes/improvements/enhancements:
- Fixed an issue which caused access tokens to be invalidated under rare conditions (Ticket #235539)
Version: 3.2.0
Framework Version: 9.24.18
Release Notes: This version contains the following enhancements:
- Supports the Token Refresh grant
This version contains the following fixes/improvements:
- Access tokens will get deleted every 1 hour based on the expiry time of the token
- Supports dynamic port numbers for redirect URI
- Upgraded to Studio Pro version 9.24.18
Library Upgrades:
- com.nimbusds:content-type to 2.3
- org.apache.httpcomponents:httpclient to 4.5.14
- com.fasterxml.jackson.core:jackson-core to 2.16.0
- com.fasterxml.jackson.core:jackson-databind to 2.16.0
- com.nimbusds:lang-tag to 1.7
- com.nimbusds:nimbus-jose-jwt to 9.41.2
- com.nimbusds:oauth2-oidc-sdk to 11.20
Recommendation:
After upgrading to the latest version, there could be a potential issue due to conflicting Java libraries of the old and the new version.
Hence it is recommended that you delete all Java libraries used by the old OIDC Provider module from the userlib folder of the project before upgrading to the latest version.
Version: 3.1.0
Framework Version: 9.24.2
Release Notes: This version contains the following enhancements/fixes/improvements:
- Fixed Mendix 10 compatibility issue
Library Upgrades:
- com.fasterxml.jackson.core:jackson-databind to 2.16.0
- com.fasterxml.jackson.core:jackson-core to 2.16.0
Recommendation:
After upgrading to the latest version, there could be a potential issue due to conflicting Java libraries of the old and the new version.
Hence it is recommended that you delete all Java libraries used by the old OIDC Provider module from the userlib folder of the project before upgrading to the latest version.
Version: 3.0.0
Framework Version: 9.24.2
Release Notes: This version contains the following enhancements/fixes/improvements:
- Introduced client_id claim in the Access Token, as per OAuth RFC 9068.
- Reduced client_id and client_secret attribute length from unlimited to 255
- Fixed issue related to login (Ticket #221512)
Version: 2.0.0
Framework Version: 9.24.2
Release Notes: This version contains the following enhancements:
- Supports Client-Credentials GrantType
- Supports UserInfo Endpoint (Ticket #208830)
- Supports Introspection Endpoint
This version contains the following fixes/improvements:
- Fixed escaped slashes issue in API response
- UUID instead of AutoNumber for sub-values
Version: 1.1.2
Framework Version: 9.24.2
Release Notes: This version contains the following fixes/improvements:
- Fixed issue where lost SSO sessions caused a new login
Library Upgrades:
- com.nimbusds:nimbus-jose-jwt to version 9.37.3
Recommendation:
After upgrading to the latest version, there could be a potential issue due to conflicting Java libraries of the old and the new version.
Hence it is recommended that you delete all Java libraries used by the old OIDC Provider module from the userlib folder of the project before upgrading to the latest version.
Version: 1.1.1
Framework Version: 9.24.2
Release Notes: This version contains the following fixes/improvements:
- Fixed Java dependency issue in migration file for Mendix 10 compatibility