OpenID Connect (OIDC) is a modern authentication protocol built on OAuth 2.0. Most identity providers support OIDC, including Okta, Azure AD, Auth0, and others.
Prerequisites
Redirect URI
When creating your OIDC application, add this redirect URI:
Required from Your IdP
The OIDC issuer URL (e.g., https://example.okta.com/oauth2/default)
The public identifier for your OIDC application
The secret key for secure token exchange
Required Scopes
Ensure your OIDC application requests these scopes:
Configuration Steps
Create OIDC application in your IdP
Create a new application with the "Web" or "Server-side" type
Add the redirect URI
Add https://api.viksaai.com/auth/auth/sso/oidc/callback as an allowed redirect URI
Configure scopes
Enable openid, email, and profile scopes
Copy credentials
Copy the Issuer URL, Client ID, and Client Secret
Configure ViksaAI
Go to Settings → SSO, select OIDC, and enter your credentials
Verify and enable
Complete domain verification, test the connection, and enable SSO
OIDC vs SAML
Choose OIDC if:
- Your IdP recommends it
- You want simpler configuration
- You're using modern OAuth2-based IdPs
Choose SAML if:
- Your organization uses traditional enterprise IdPs
- You need advanced attribute mapping
- Your IdP only supports SAML