SAP Customer Data Cloud (aka Gigya)

vroommm edited this page Sep 21, 2020 · 2 revisions

Using mod_auth_openidc with SAP-CDC (previously Gigya)

SAP-CDC (previously Gigya) and mod_auth_openidc can be combined for a simple integration of authentication services at the server level. The official SAP-CDC docs contain a guide to setting up the provider configuration.

Once you have configured the SAP-CDC as an OpenID Provider you can use mod_auth_openidc as an OpenID Connect Relying Party as described hereafter.

Create an RP of type "client" under your SAP-CDC site's Open Id Connect Provider configuration (there are instructions here). Make a note of your site's:

  • Data center (eu1, us1, etc)
  • API Key
  • ClientID
  • Client Secret

Include them in your configuration as follows:

	OIDCProviderMetadataURL https://fidm.{yourDataCenter}.gigya.com/oidc/op/v1.0/{yourAPIKey}/.well-known/openid-configuration
	OIDCRedirectURI https://myserver.example.not/oauth2callback
	# placeholder value: replace with a long, random passphrase of your own
	OIDCCryptoPassphrase 0123456789
	OIDCClientID {yourClientID}
	OIDCClientSecret {yourClientSecret}

	OIDCScope "openid email profile super roles"

	#simple resource path for authenticated users only
	<Location /protected>
	  AuthType openid-connect
	  Require valid-user
	</Location>

	#claims type test
	<Location /superprotected>
	  AuthType openid-connect
	  Require claim claims.super:true
	</Location>

	#claims in an array test
	<Location /teacherprotected>
	  AuthType openid-connect
	  Require claim claims.roles:teacher
	</Location>

Single Sign On (SSO) should work. Just duplicate your config in multiple RP Redirect URIs or httpd instances and modify the OIDCRedirectURI accordingly. You can add multiple "Valid Redirect URIs" in the SAP-CDC admin console.
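
A pre-deployment check for the directives in the configuration above, written as an added example (it is not part of mod_auth_openidc or SAP-CDC). It flags template values left in place, non-https URLs and a short `OIDCCryptoPassphrase`; the 32-character minimum and the function names are assumptions of this example.

```python
import re
from urllib.parse import urlparse

# Constructed sample: the page's directives with the template values left in.
SAMPLE_CONF = """\
OIDCProviderMetadataURL https://fidm.{yourDataCenter}.gigya.com/oidc/op/v1.0/{yourAPIKey}/.well-known/openid-configuration
OIDCRedirectURI https://myserver.example.not/oauth2callback
OIDCCryptoPassphrase 0123456789
OIDCClientID {yourClientID}
OIDCClientSecret {yourClientSecret}
"""

REQUIRED = ("OIDCProviderMetadataURL", "OIDCRedirectURI",
            "OIDCCryptoPassphrase", "OIDCClientID", "OIDCClientSecret")
PLACEHOLDER = re.compile(r"\{your\w+\}")
MIN_PASSPHRASE_LEN = 32  # assumed local policy, not a module requirement


def parse_directives(conf_text):
    """Return {directive: value}, skipping comments and <Location> tags."""
    found = {}
    for line in conf_text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith(("#", "<")):
            found[parts[0]] = parts[1].strip().strip('"')
    return found


def lint(conf_text):
    """Return findings for the OIDC directives used in the configuration above."""
    d = parse_directives(conf_text)
    findings = [f"{name}: missing" for name in REQUIRED if name not in d]
    for name in REQUIRED:
        if PLACEHOLDER.search(d.get(name, "")):
            findings.append(f"{name}: template placeholder not replaced")
    for name in ("OIDCProviderMetadataURL", "OIDCRedirectURI"):
        if name in d and urlparse(d[name]).scheme != "https":
            findings.append(f"{name}: not an https URL")
    passphrase = d.get("OIDCCryptoPassphrase", "")
    if passphrase and len(passphrase) < MIN_PASSPHRASE_LEN:
        findings.append("OIDCCryptoPassphrase: shorter than "
                        f"{MIN_PASSPHRASE_LEN} characters")
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE_CONF):
        print(finding)
```

When the configuration is duplicated for SSO across several httpd instances, run the check against each copy.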