Tested/supported SSOs
Parameters
- Server:
Enter the base URL of your OpenID Connect Identity Access Manager (IAM).
This is usually your Keycloak, Okta, or another OIDC IdP server endpoint.
- Client ID:
The identifier registered with your IdP for XorMon.
It allows the IdP to recognize XorMon as a valid client.
- Client Secret:
A secret (password) associated with the Client ID.
- User Info Role Property:
Defines where in the IdP user claims the role information is located.
XorMon uses this to assign roles/permissions to authenticated users.
- Test:
After a configuration is saved, the test button will perform OIDC login and display user info.
- Trusted CA (Certificate Authority):
Allows you to upload intermediate CA certificates.
This is required if your IAM uses a self-signed or private CA certificate.
For SSO to work, the IAM must be configured properly before XorMon can connect:
- In your IdP admin console, register a new OIDC client/application for XorMon
- Provide Redirect URI / Callback URL → this must point back to XorMon
  - https://<xormon-server>/api/oidc/v1/* if wildcards are allowed
  - Otherwise https://<xormon-server>/api/oidc/v1/roles for test and https://<xormon-server>/api/oidc/v1/login for login
- Ensure the IdP exposes a UserInfo endpoint
- Define which roles or groups will be passed to XorMon in User Info. These will be looked up from the JWT by the "User Info Role Property" path described above.
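
The IdP-side checklist above can be checked before pressing Test. The following is an added example, not XorMon code: it verifies that both callback URLs are covered by the registered redirect URIs, that the discovery document advertises a UserInfo endpoint, and that roles exist at the configured path. The function names, the dot-separated path syntax for "User Info Role Property", and all sample hosts and claims are assumptions.

```python
# Added example, not XorMon code. Callback paths come from the page;
# the dot-separated role path syntax and all sample values are assumptions.
CALLBACK_PATHS = ("/api/oidc/v1/roles", "/api/oidc/v1/login")

def uri_matches(pattern, uri):
    """Exact match, or prefix match when the registered URI ends in '*'."""
    if pattern.endswith("*"):
        return uri.startswith(pattern[:-1])
    return uri == pattern

def extract_roles(claims, path):
    """Walk a dot-separated path through nested claims; return a role list."""
    node = claims
    for key in path.split("."):
        if not isinstance(node, dict) or key not in node:
            return []
        node = node[key]
    if isinstance(node, str):
        return [node] if node else []
    if isinstance(node, list):
        return [r for r in node if isinstance(r, str)]
    return []

def preflight(base_url, redirect_uris, discovery, userinfo, role_path):
    """Return a list of IdP-side problems; an empty list means none found."""
    problems = []
    for path in CALLBACK_PATHS:
        target = base_url.rstrip("/") + path
        if not any(uri_matches(p, target) for p in redirect_uris):
            problems.append(f"redirect URI not registered: {target}")
    if not discovery.get("userinfo_endpoint"):
        problems.append("discovery document has no userinfo_endpoint")
    if not extract_roles(userinfo, role_path):
        problems.append(f"no roles found at '{role_path}' in UserInfo")
    return problems

# Constructed sample data; host names and role names are placeholders.
SAMPLE_DISCOVERY = {
    "issuer": "https://idp.example.com/realms/demo",
    "userinfo_endpoint": "https://idp.example.com/realms/demo/userinfo",
}
SAMPLE_USERINFO = {"sub": "42", "realm_access": {"roles": ["xormon-admin"]}}

if __name__ == "__main__":
    issues = preflight(
        "https://xormon.example.com",
        ["https://xormon.example.com/api/oidc/v1/login"],  # /roles missing
        SAMPLE_DISCOVERY, SAMPLE_USERINFO, "realm_access.roles",
    )
    print(issues or "no IdP-side problems found")
```

With only the login callback registered, the check reports the missing /roles callback, which is the URL the Test button relies on.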