...
Maestrano allows you to do single sign-on via OpenID. For that we give you the url of our OpenID provider to which you can connect using your favorite OpenID consumer library.
How to connect?
The only specificity of our OpenID endpoint is that it contains the application id (or api id) of the consumer (your application). This application id is obtained from the dev sandbox for testing or from the app provider dashboard we have created for you on maestrano.com (production + production sandbox).
| Environment | OpenID Provider |
|---|---|
| Dev Sandbox | http://api-sandbox.maestrano.io/api/openid/provider/<your-app-id> |
| Production + Production Sandbox | https://maestrano.com/api/openid/provider/<your-app-id> |
Do I need to configure the Maestrano SDK in a certain way?
Yes - we need to be made aware of your return url to authorize it. "Hmm, this is weird for an OpenID provider...", yes indeed. We use OpenID because it is a popular protocol but restrict it to approved applications only.
...
You don't use the Maestrano SDK? Or cannot implement the metadata endpoint? Just contact us directly at developers@maestrano.com and we'll help you.
What data are available via OpenID?
Our OpenID provider returns both SREG and AX data, should you ask for it or not. SREG data are not really sufficient to properly perform service provisioning via single sign-on and we do not recommend using this extension. We have implemented it for completeness but you should use AX.
...