Notice
The examples and use cases described here are intended to show the different ways SURF Research Access Management can be used and connected to application. These examples and use cases are not always validated by SURF.
Prerequisites
An up-to-date, working Wordpress installation.
Installation
Add the OIDC plugin OpenID Connect - Generic Client by daggerhart under plugins.
Register your application
First, register your application.
Information needed
As soon as we've processed your request, you will receive an email containing:
- Client ID
- Client Secret Key
Configuration
In Wordpress, go to Plugins, Installed Plugins, and activate the plugin 'OpenID Connect Login ( OpenID Connect Client)'.
Go to Settings, OpenID Connect Client.
Fill out the configuration page with the following information:
| Attribute | Value |
|---|---|
| Login Type | 'Button' until you are sure the OIDC login works |
| Client ID | The Client ID received from SURF |
| Client Secret Key | The Client Secret Key received from SURF |
| OpenID Scope | profile openid email |
| Login Endpoint URL | |
| Userinfo Endpoint URL | https://proxy.sram.surf.nl/OIDC/userinfo |
| Token Validation Endpoint URL | https://proxy.sram.surf.nl/OIDC/token |
| End Session Endpoint URL | https://proxy.sram.surf.nl/OIDC/logout |
| Identity Key | sub |
| Disable SSL Verify | Unchecked |
| HTTP Request Timeout | 5 |
| Nickname Key | sub |
| Email Formatting | {email} |
| Display Name Formatting | {name} |
| Identify with User Name | Unchecked |
| State time limit | Leave empty |
| Enable Refresh Token | Unchecked |
Save the changes
Testing the configuration
Visit the your Wordpress site in an incognito window (or log out as admin) and click the Login with OpenID Connect button.
After a successful login, your SRAM identifier is visible from the pop-over in the top right corner.
