France Connect
Presentation
France Connect is an authentication platform made by the French government.
Attention
It is currently only in the BETA stage. This documentation explains how to configure LL::NG with the developer reserved space.
Register on France Connect
Once the OpenID Connect service is configured, you need to register with France Connect.
Use the following form: https://doc.integ01.dev-franceconnect.fr/inscription.
You need to provide the callback URLs, for example https://auth.domain.com/?openidconnectcallback=1.
You will then get a client_id and a client_secret.
Declare France Connect in your LL::NG server
Go to the Manager and create a new OpenID Connect provider. You can call it france-connect, for example.
Click on Metadata and manually set the metadata of the service, using the France Connect endpoints.
For example:
{
  "issuer": "https://fcp.integ01.dev-franceconnect.fr",
  "authorization_endpoint": "https://fcp.integ01.dev-franceconnect.fr/api/v1/authorize",
  "token_endpoint": "https://fcp.integ01.dev-franceconnect.fr/api/v1/token",
  "userinfo_endpoint": "https://fcp.integ01.dev-franceconnect.fr/api/v1/userinfo",
  "end_session_endpoint": "https://fcp.integ01.dev-franceconnect.fr/api/v1/logout"
}
You can skip the JWKS data, as France Connect does not provide it. Security relies on the symmetric key client_secret.
Go to Exported attributes to choose which attributes from “identité pivot” you want to collect. See https://doc.integ01.dev-franceconnect.fr/identite-pivot
Now go to Options:
In Configuration, register the client_id and client_secret given by France Connect.
In Protocol, adapt the scope to the exported attributes you want. See https://doc.integ01.dev-franceconnect.fr/fs-scopes
In Display, you can set the name and the logo.