Skip to main content

Setting OIDC providers

Use the OIDC providers page in Subscriptions settings to configure Arc XP Identity as an identity provider for other organizations or sites within your ecosystem.

An OIDC provider (OpenID Connect provider) is a third-party identity service that authenticates users and issues ID tokens that confirm their identity. Arc XP uses OIDC providers as part of a federated authentication model, allowing media companies to centralize user authentication across platforms while still leveraging Arc's Subscriptions features.

Arc XP Identity lets you share user accounts across several Arc XP instances, following security best practices. This allows your customers to authenticate once and access all your sites without creating separate accounts for each, building a more cohesive experience. For more details, see Introduction to Arc XP Identity.Introduction to Arc XP Identity

Scenario: Unifying your users' experience

As a digital administrator for a media company with three different newspaper brands, you want to unify your authentication system using Arc XP Identity. For this, you configure Publication A as an OIDC provider within the Arc XP Identity settings.

Then, you set Publication A as the OIDC provider for Publications B and C, following the Setting authentication providers guide.

After finishing these configurations, your readers are able to register once and get access to your three publications, enhancing their satisfaction and maintaining security standards.

Procedure

Setting OIDC providers

To set one of your organizations as an OIDC provider, complete these steps:

  1. Navigate to Subscriptions > Settings > Identity > OIDC providers. The OIDC providers page opens.

  2. Click Add provider. The OIDC providers/Add new provider page opens.

  3. Complete the following fields: 

    • Name - enter a name to identify the OIDC configuration.

    • Client ID - create a unique, URL-safe identifier that client organizations use to reference your service.

    • Secret - enter a password that client applications use to securely communicate with Arc's token API. Store this value securely as you need to share it with client organizations.

  4. In the Allowed return URIs section, click Add URI to set redirect links.

    • Your redirect URI must follow the format: https://{endpoint}/identity/public/v2/oidc/redirect.

    • Include the https:// protocol for security.

  5. Click Add.

The OIDC provider becomes available for client organizations to use.

In this section: