Configuring Your Service

To integrate your service with the SSO API, you will need to configure client properties.

Properties

SSO API Base URL

The base URL of the SSO API. SSO is part of the Verifier environment which is fully managed by TNG's Product Suite Platform (PSP), therefore the environment ID is part of the path.

You will be provided with this URL at client setup.

Example:

$SSO_API_BASE_URL=https://identity.products.teranode.group/products/web/$IDENTITY_ENV_ID/sso

Client ID

A unique identifier assigned to your application client by SSO. Provided during client setup.

Client Secret

Secret generated for the application client. Used when exchanging the authorization code for an access token.

Also provided when setting up the client.

Authorization UI URL

The base URL of the SSO Authorization User Interface.

This is where the end-user is redirected to authenticate and authorize access.

SSO Backend API URL

The base URL of the SSO backend API used for token exchange and related operations.

Callback (Redirect) URL

The URL to which the SSO service redirects the user after authorization. Must match one of the Callback URLs specified at client setup.

On success, the redirect includes an authorization code.

On failure, it includes error details.

Example:

Template Definition ID list

List of identifiers of Verifiable Credential templates configured for this client. The user must prove possession of one of them. Which one, decides the client at time of constructing the authorization URI.

The user will be required to present a Verifiable Presentation matching this template during authentication.