SingleSignOn Configuration for OIDC and SAML

Besides SSO with ActiveDirectory, Bulksign also supports OpenID Connect and SAML. Multiple OIDC and SAML providers can be configured.

Here is how the authentication configuration looks for each type of provider :

OIDC providers :

    "OidcLoginProviders": [{
        "Id": 1,
        "Name": "My Identity Provider",
        "ClientId": "",
        "ClientSecret": "",
        "AuthorizationUrl": "",
        "TokenUrl": "",
        "Scope": "openid read email user:email",
        "UserInfoUrl": ""
    }],

Id : the numeric unique identifier of the provider.

Name : the name of the authentication provider. This name will appear on the authentication button.

ClientId : the clientId obtained from the identity provider

ClientSecret : the clientSecret obtained from the identity provider

AuthorizationUrl : the identity provider authentication url

TokenUrl : the identity provider token url

UserInfoUrl : the identity provider user information url

The redirect url configured in the identity provider must be set to UrlToBulksignDashboard/OidcLogin/Authorize

Important!

Note : If you configure multiple OIDC providers for login, please make sure that the configured redirect url will also contain the provider identifier. Example :

UrlToBulksignDashboard/OidcLogin/Authorize?pid=1

SAML providers :

    "SamlLoginProviders": [{
        "Id": 3,
        "Name": "Test SAML",
        "SamlMetadataFilePath": "C:\\Program Files\\Bulksign\\saml_metadata.xml",
        "LoginUrl": "",
        "EmailField": "email saml_email"
    }],

Id : the numeric unique identifier of the provider.

Name : the name of the authentication provider. This name will appear on the authentication button.

SamlMetadataFilePath : the full path to the SAML metadata file obtained from the identity provider. It's recommended to store the setting file in the same path as the Bulksign config file.

LoginUrl : the identity provider login url

EmailField : the name(s) of the

The redirect url configured in the identity provider must be set to UrlToBulksignDashboard/SamlLogin/Authorize

Important!

Note : If you configure multiple SAML providers for login, please make sure that the configured redirect url will also contain the provider identifier (configuration field "Id"). Example :

UrlToBulksignDashboard/SamlLogin/Authorize?pid=3
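A pre-deployment check for the two provider lists described above, written for this page as an added example (it is not Bulksign code). It derives the redirect url to register at each identity provider, including `?pid=` when several providers of one type exist, and flags duplicate Ids, empty client credentials and a Scope without `openid`. The function names, the dashboard url `https://sign.example.com`, the sample values and the https-only check on the OIDC endpoints are assumptions of the example.

```python
import json
from urllib.parse import urlparse

# Constructed sample settings: hosts, client ids and secrets are placeholders.
SAMPLE = json.loads("""{
  "OidcLoginProviders": [
    {"Id": 1, "Name": "Corp IdP", "ClientId": "bulksign", "ClientSecret": "placeholder",
     "AuthorizationUrl": "https://idp.example.com/authorize", "Scope": "openid email",
     "TokenUrl": "https://idp.example.com/token", "UserInfoUrl": "https://idp.example.com/userinfo"},
    {"Id": 2, "Name": "Partner IdP", "ClientId": "bulksign", "ClientSecret": "",
     "AuthorizationUrl": "https://partner.example.org/authorize", "Scope": "email",
     "TokenUrl": "http://partner.example.org/token", "UserInfoUrl": "https://partner.example.org/userinfo"}],
  "SamlLoginProviders": [
    {"Id": 3, "Name": "Test SAML", "SamlMetadataFilePath": "saml_metadata.xml",
     "LoginUrl": "https://saml.example.com/login", "EmailField": "email"}]
}""")

KINDS = {"OidcLoginProviders": "OidcLogin", "SamlLoginProviders": "SamlLogin"}
OIDC_URLS = ("AuthorizationUrl", "TokenUrl", "UserInfoUrl")

def redirect_urls(dashboard_url, cfg):
    """Map (route, Id) to the redirect url to register at the identity provider."""
    out = {}
    for key, route in KINDS.items():
        providers = cfg.get(key, [])
        for p in providers:
            url = f"{dashboard_url.rstrip('/')}/{route}/Authorize"
            if len(providers) > 1:  # several providers of one type: add ?pid=<Id>
                url += f"?pid={p['Id']}"
            out[(route, p["Id"])] = url
    return out

def lint(cfg):
    """Return a list of problems found in the provider settings."""
    problems = []
    for key in KINDS:
        ids = [p["Id"] for p in cfg.get(key, [])]
        if len(ids) != len(set(ids)):
            problems.append(f"{key}: Id values are not unique")
    for p in cfg.get("OidcLoginProviders", []):
        who = f"OIDC provider {p['Id']}"
        problems += [f"{who}: {fld} is empty" for fld in ("ClientId", "ClientSecret") if not p.get(fld)]
        problems += [f"{who}: {fld} is missing or not https" for fld in OIDC_URLS
                     if urlparse(p.get(fld, "")).scheme != "https"]  # added hardening check
        if "openid" not in p.get("Scope", "").split():
            problems.append(f"{who}: Scope lacks 'openid'")
    return problems
```

Run `lint()` on the parsed settings before restarting the service, and compare the output of `redirect_urls()` with the redirect urls registered at each identity provider.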