SSO Playground
The OIDC and SAML playground is a Next.js application built by the SSO Team.
Features
Multiple configurations: The playground offers flexibility in testing. You can choose from pre-configured OIDC providers like Keycloak, Auth0 or Google Accounts, or you can even enter your own OIDC URLs to test against a custom provider.
Hands-on experimentation: By allowing users to interact with the OIDC flow manually, the playground provides a practical learning experience. Developers can experiment with different parameters and scopes to see how they affect the authorization process and the claims returned.
Improved debugging: Since you can isolate and test each step individually, the playground can simplify debugging OIDC integration issues within your application.
Usage
OpenID Connect
- Access the SSO Playground in a browser and select a flow type that's relevant to your client.
- After selecting the flow type, a form is displayed asking for parameters to run the authentication process.
- The Discovery URL points to a JSON document that contains important configuration details for the OpenID Connect provider. This document includes information such as:
  - Authorization endpoint URL
  - Token endpoint URL (optional for implicit flow)
  - Userinfo endpoint URL (optional)
  - JSON Web Key Set (JWKS) document URL
  - Issuer identifier, and other relevant settings
- After you enter the Discovery URL, the form should auto-populate the other URLs if they exist in the JSON document.
- Enter the rest of the fields and click the Login button to run the authentication process. If the login is successful, the application should display a panel to the right of the form with a drop-down listing the retrieved tokens.
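The auto-populated URLs are only as trustworthy as the discovery document they came from. The following is an added example, not the playground's own code: it checks a discovery document before its endpoints are used. The function names, the `flow` values and the sample documents are assumptions made for illustration.

```javascript
// Added example (not the playground's code). Documents below are constructed.
const WELL_KNOWN = "/.well-known/openid-configuration";
const stripSlash = (s) => s.replace(/\/$/, "");

// Which discovery fields the form needs; token_endpoint is optional for implicit flow.
function requiredFields(flow) {
  return {
    authorization_endpoint: true,
    jwks_uri: true,
    token_endpoint: flow !== "implicit",
    userinfo_endpoint: false,
  };
}

function checkDiscovery(discoveryUrl, doc, flow = "code") {
  const problems = [];
  // OIDC Discovery: the issuer in the document must match the issuer the
  // discovery URL was built from (a trailing "/" is dropped before appending).
  if (!discoveryUrl.endsWith(WELL_KNOWN)) {
    problems.push("discovery URL does not end with " + WELL_KNOWN);
  } else {
    const expected = discoveryUrl.slice(0, -WELL_KNOWN.length);
    if (typeof doc.issuer !== "string" || stripSlash(doc.issuer) !== expected) {
      problems.push("issuer does not match discovery URL");
    }
  }
  const endpoints = {};
  for (const [name, required] of Object.entries(requiredFields(flow))) {
    const value = doc[name];
    if (value === undefined) {
      if (required) problems.push(name + " is missing");
      continue;
    }
    let parsed = null;
    try { parsed = new URL(value); } catch (e) { /* not a parseable URL */ }
    if (!parsed || parsed.protocol !== "https:") {
      problems.push(name + " is not an https URL");
      continue;
    }
    endpoints[name] = value; // safe to copy into the form
  }
  return { ok: problems.length === 0, endpoints, problems };
}

const ISSUER = "https://idp.example.test/realms/demo"; // constructed issuer
const GOOD_DOC = { issuer: ISSUER, authorization_endpoint: ISSUER + "/auth",
  token_endpoint: ISSUER + "/token", jwks_uri: ISSUER + "/certs" };
const BAD_DOC = { issuer: "https://other.example.test/realms/demo",
  authorization_endpoint: ISSUER + "/auth", token_endpoint: "http://idp.example.test/token" };
```

`checkDiscovery(ISSUER + WELL_KNOWN, BAD_DOC).problems` lists the mismatched issuer, the missing `jwks_uri` and the plain-HTTP token endpoint, which are the cases worth catching before a custom provider's URLs are used.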
SAML
- Access the SSO Playground and click on the SAML tab
- Ensure your client has Logout Service URL set with https://sso-playground.apps.gold.devops.gov.bc.ca/saml in CSS for logout to work
- Navigate to https://dev.loginproxy.gov.bc.ca/auth/realms/standard/protocol/saml/descriptor
- Copy SingleSignOnService, SingleLogoutService, X509Certificate for completing the login form
- Use your client ID as the Entity ID
- Click login button
- Click logout to start fresh
- The reset button should wipe out recent form data