Airlock IAM as OAuth Client/OIDC Relying Party (RP)

Airlock IAM can be configured as OAuth Client / OIDC Relying Party (RP). In such setups, Airlock IAM delegates user authentication to a remote IDP (e.g. Google). IAM can then take user information from the IDP into account in its authentication flows.

• The main concepts explained in this chapter are:
• Retrieving user attributes (claims) from remote IDPs and using them in identity propagation.
• Account linking and social registration

More information can be found in the configuration articles linked below.

OAuth/OIDC clients must be registered manually with the remote IDP (the authorization server). The remote authorization server issues a client ID and a client secret to the registering client. These values must exactly match the entries in the Airlock IAM configuration.

• OAuth / OIDC settings
• Configuration of Airlock IAM as OAuth 2.0 Client
• Configuration of Airlock IAM as OIDC Relying Party
• Configure Airlock IAM as OIDC Relying Party using discovery

• Target Application and Authentication Flow Settings
• Authentication flow for IAM as OAuth or OIDC client configuration

• Flow UIs
• Loginapp UI as OAuth or OIDC client configuration