ViksaAIDocs
Start now

OpenID Connect (OIDC) Setup

Configure SSO using the OpenID Connect protocol

Overview#

OpenID Connect (OIDC) is a modern authentication protocol built on OAuth 2.0. Most identity providers support OIDC, including Okta, Azure AD, Auth0, and others.

Prerequisites#

Your IdP supports OpenID Connect
You can create an OIDC application in your IdP
You have a Client ID and Client Secret

Redirect URI#

When creating your OIDC application, add this redirect URI:

https://api.viksaai.com/auth/auth/sso/oidc/callback

Required from Your IdP#

Issuer URL

The OIDC issuer URL (e.g., https://example.okta.com/oauth2/default)

Client ID

The public identifier for your OIDC application

Client Secret

The secret key for secure token exchange

Required Scopes#

Ensure your OIDC application requests these scopes:

openidemailprofilegroups (optional)

Configuration Steps#

  1. 1

    Create OIDC application in your IdP

    Create a new application with the "Web" or "Server-side" type.
  2. 2

    Add the redirect URI

    Add https://api.viksaai.com/auth/auth/sso/oidc/callback as an allowed redirect URI.
  3. 3

    Configure scopes

    Enable openid, email, and profile scopes.
  4. 4

    Copy credentials

    Copy the Issuer URL, Client ID, and Client Secret.
  5. 5

    Configure ViksaAI

    Go to Settings → SSO, select OIDC, and enter your credentials.
  6. 6

    Verify and enable

    Complete domain verification, test the connection, and enable SSO.

OIDC vs SAML#

Choose OIDC ifChoose SAML if
Your IdP recommends it; you want simpler configuration; you use modern OAuth2-based IdPs.Your organization uses traditional enterprise IdPs; you need advanced attribute mapping; your IdP only supports SAML.