OpenID Connect performs many of the same tasks as OpenID 2.0 but does so in a way that is API-friendly and usable by native and mobile applications. OpenID Connect defines optional mechanisms for robust signing and encryption. Whereas integration of OAuth 1.0a and OpenID 2.0 required an extension, in OpenID Connect, OAuth 2.0 capabilities are integrated with the protocol.
OpenID Connect tends to be significantly easier to set up. Recorded Future uses a unique string referred to as an SSO_Key. This key is specific to each organization’s configuration. The SSO_Key will be provided during the initial setup by Recorded Future and must be replaced in certain fields as indicated below:
Configuration Information
Recorded Future uses We use the Grant Type of Authorization Code. The login redirect URI for Recorded Future is https://id.recordedfuture.com/login/callback
The following information is required by Recorded Future to set up an OIDC configuration in the platform:
-
IdP (identity provider) and/or authentication provider
(e.g., Okta, Ping, Azure, ADSF, Duo, Google, RSA ) - The metadata URL to the OIDC Discovery documents (commonly ending with .well-known/openid-configuration)
- Client ID
- Client Secret
The login redirect URI for Recorded Future is: https://id.recordedfuture.com/login/callbackWe use the Grant Type of Authorization Code.
Additional Information:
Single Sign-on with Recorded Future
Single Sign-On Login Procedure