France Connect is an authentication platform made by the French government.
Attention: It is for the moment only in BETA stage. This documentation explains how to configure LL::NG with the developer reserved space.
Once the OpenID Connect service is configured, you need to register with France Connect.
Use the following form: https://doc.integ01.dev-franceconnect.fr/inscription.
You need to provide the callback URLs, for example https://auth.domain.com/?openidcallback=1.
You will then get a client_id and a client_secret.
Go to the Manager and create a new OpenID Connect provider. You can call it france-connect, for example.
Click on Metadata and manually set the metadata of the service, using the France Connect endpoints.
For example:
{
  "issuer": "https://fcp.integ01.dev-franceconnect.fr",
  "authorization_endpoint": "https://fcp.integ01.dev-franceconnect.fr/api/v1/authorize",
  "token_endpoint": "https://fcp.integ01.dev-franceconnect.fr/api/v1/token",
  "userinfo_endpoint": "https://fcp.integ01.dev-franceconnect.fr/api/v1/userinfo",
  "end_session_endpoint": "https://fcp.integ01.dev-franceconnect.fr/api/v1/logout"
}
You can skip the JWKS data: it is not provided by France Connect. The security relies on the symmetric key client_secret.
Go in Exported attributes to choose which attributes from “identité pivot” you want to collect. See https://doc.integ01.dev-franceconnect.fr/identite-pivot
Now go in Options:
Configuration: register the client_id and client_secret given by France Connect.
Protocol: adapt the scope to the exported attributes you want. See https://doc.integ01.dev-franceconnect.fr/fs-scopes
Display: you can set the name and the logo.