Example SSO Configurations

The following is a list of Identity Providers (IP) we’ve tested with. Other IPs could also be used for Platform6 SSO but unless they are fully OIDC compliant (implicit flow), will probably require some assistance from support to get the configuration correct.

In each case below we’ve added the IP console URL and an indication of the UI menu options required to access the OIDC configuration. We have no control over IPs user interface design and the URLs and menu points may change over time.

OIDC Identity Providers (Implicit Flow)



(Create Credentials -> Create an OAuth Client ID)

Property Name Value
oidc.authorize.request.scopesopenid email profile
oidc.provider.url https://accounts.google.com
oidc.client.id [id allocated via the Google app console]

Microsoft Azure


(Azure Active Directory -> App Registrations -> New registration))

Property Name Value
oidc.authorize.request.scopes openid
oidc.provider.url https://login.microsoftonline.com/[Microsoft supplied tenant id]
oidc.email.claim upn
oidc.client.id [Microsoft supplied client id]
oidc.claim.stringlist.match groups=[Microsoft supplied group id]

Ping Identity

https://[Ping Host]:9999/pingfederate

(OAuth Server -> OpenID Connect Implicit Client Profile)

Property Name Value
oidc.authorize.request.scopes openid email
oidc.provider.url https://[Ping Federate Host]:9031
oidc.client.id im_oic_client

Microsoft Server 2016 AD FS


(AD FS Management -> Add Application Group…)

Property Name Value
oidc.authorize.request.scopes openid
oidc.provider.url https://[host.server.domain]]/adfs
oidc.email.claim upn
oidc.client.id [AD FS supplied client id]
oidc.end.session.with.hint true

Identity Providers (Custom Hybrid Flows)



(Settings -> Applications -> New OAuth App)

Property Name Value
oidc.authorize.request.scopes user:email
oidc.userinfo.endpoint https://api.github.com/user
oidc.flow.implicit false
oidc.client.secret [Supplied by GitHub when defining an OAuth Application]
oidc.client.id [Supplied by GitHub when defining an OAuth Application]
oidc.response.type code
oidc.authorization.endpoint https://github.com/login/oauth/authorize
oidc.token.endpoint https://github.com/login/oauth/access_token
oidc.discovery false



(Create App -> Auth)

Property Name Value
oidc.authorize.request.scopes r_emailaddress
oidc.userinfo.endpoint https://api.linkedin.com/v2/emailAddress?q=members&projection=(elements*(handle~))
oidc.email.claim emailAddress
oidc.flow.implicit false
oidc.client.secret [Supplied by the LinkedIn developer console]
oidc.client.id [Supplied by the LinkedIn developer console]
oidc.response.type code
oidc.authorization.endpoint https://www.linkedin.com/oauth/v2/authorization
oidc.token.endpoint https://www.linkedin.com/oauth/v2/accessToken
oidc.discovery false