How to create an OpenID Connect client that will allow user registration and user will be logged in after registration
-
Create your OpenID Connect Client
- Develop your client in whatever matter you choose, into the form you want. There are many variations. Check the docs. Check the discovery (/.well-known/openid-configuration) page of the OnePortal installation for current configuration and supported features. There are even some examples hidden on this site.
- Register your client on the server. Configure it so that you allow new user registrations into the namespace of your choice.
-
Make sure your client works. Make sure the authorisation flow works. Make sure the user can click the "Register new account" button in the login screen and the new user registration works.
-
As part of previous step, you created a link which opens a web site with a login dialog. That was the "authorization_endpoint". Keep doing that, only now add the query parameter
nur
into it. The login link might look something like:https:/openid/auth?nonce=Eid...&client_id=632....&state=BMj...&redirect_uri=https%3A%2F%2Fexample.com%3A61056%2Fauthz_cb&response_type=code&scope=openid&nur
-
Have the user follow it just like during normal authorisation flow. Thanks to the magic of this new parameter, everything works just like the user would have pressed the "Register new account" button.