OpenID Connect Configuration

Required Information

To setup OpenID Connect AgWare needs some information about your identity provider.

The metadata address (if applicable)
The client ID

If a metadata address is not available for your identity provider then the following information is required in addition to the client ID.

The issuer
The authorization endpoint
The JWKS (JSON web key set) URI
The end session endpoint
The token endpoint

Once the information is configured on our end, AgWare will provide a reply URL for the tenant which will need to be entered into the identity provider before authentication will work.

Additionally, the identity provider needs to allow access to the following scopes.

openid
profile
email

warning

Your identity provider must support ID tokens to work with Cost New.

Microsoft Entra ID Example

Microsoft Entra ID can be easily configured to work with Cost New.

Creating an Entra Enterprise Application

Start by navigating to the Entra Enterprise applications and select New application. Entra new enterprise application button

Select Create your own application.

Entra create your own application button

Then choose Integrate any other application you don't find in the gallery (Non-gallery) and provide an application name. Then click create.

Entra create your own application example

Entra Required Information

On Entra there are only two required pieces of information to configure Cost New.

The metadata address
The client ID

To find them start by navigating to App registrations.

Entra app registration navigation example

The client ID can be found in the overview section.

Entra client ID location

The metadata address can be found by clicking the Endpoints button in the Overview section.

Entra endpoints button

Entra metadata address location

Configuring Entra for Cost New

To configure OpenID Connect in Entra for Cost New navigate to the associated App registration.

Entra app registration navigation example

Navigate to Manage → Authentication and select Add a platform.

tip

Don't get this confused with the Manage → Authentication under Enterprise applications.

Entra add authentication platform example

Choose Web from the dialog that appears.

Entra web platform example

Enter the Redirect URI provided by AgWare and enable ID tokens.

Entra platform configuration example

Okta Example

Okta Required Information

The metadata URL for Okta generally follows a pattern like https://<organization name>.okta.com/.well-known/openid-configuration or https://<organization name>.oktapreview.com/.well-known/openid-configuration.

Configuring Okta for Cost New

ID tokens under the implicit flow must be enabled for Cost New to work with Okta.

Okta grant types example

Required Information​

Microsoft Entra ID Example​

Creating an Entra Enterprise Application​

Entra Required Information​

Configuring Entra for Cost New​

Okta Example​

Okta Required Information​

Configuring Okta for Cost New​