Connect your application

Configure application on Veriam

• Log in to Veriam Admin Portal.

• Navigate to the 'Applications' page.

• Click on 'Add Application'.

• Enter your application details, including 'Application Name' and 'Description'.

• For 'Application Type', select the type that best suits your application.

• Enter your 'Application URL'. This is the URL where your application can be accessed. This information is for setup purposes only and is not shared with customers.

• Go to the Connection Configuration tab. Enter at least 1 ‘Redirect URL’, this is the URL where Veriam sends the user after authentication.

  1. You can add multiple Redirect URLs. If multiple Redirect URLs are entered, make sure to indicate which Redirect URL needs to be used in the authentication request.

• Click on 'Save'. Your application is now configured.

• You will see a popup with the Client Secret. Make sure to copy this and add this in the configuration of your application.

• Close the modal and copy the Client ID. Add this to the configuration of your application as well, together with the Veriam OpenID Connect Discovery URL.

Using OpenID Connect

Configuration at your application

Veriam uses the OpenID Connect (OIDC) as authentication protocol.

Make sure to configure the Client ID, Client Secret and OIDC Discovery URL in your application.

• The Client ID can be retrieved from the ‘Connection Configuration’ tab of your application configuration (under the menu item ‘Configuration’, ‘Applications’ tab).

• The Client Secret is provided after adding your the application to Veriam. If needed, you can renew the Client Secret by clicking the ‘Renew Client Secret’ option on your application detail page. Note: Doing this will make the previous client secret unusable.

• The OIDC Discovery URL can also be found on the application detail page.

Make an authentication request / Redirect user to Veriam for login & sign up

Below description is for a Single Page Application (SPA). Other examples will become available later, but the generic steps are the same.

Single Page Application (SPA)

To integrate Veriam with a SPA you can use an OpenID client like the oidc-client-ts, for example. The first step is define the configuration and the associated User Manager:

import { UserManager, WebStorageStateStore } from "oidc-client-ts";

const settings = {
  // Where the tokens will be stored
  userStore: new WebStorageStateStore({ store: window.localStorage }),
  // URL to the authentication server (including realm)
  authority: "<https://idp.myveriam.com>",
  // The name of the client the Authorization Server
  client_id: "YOUR_CLIENT_ID",
  // Where to redirect the user to after successful authentication
  redirect_uri: "YOUR_CALLBACK_URL",
  // Where to redirect the user to after logging the user out
  post_logout_redirect_uri: "YOUR_POST_LOGOUT_URL",
  // Indicate that the authorization code flow should be used
  response_type: "code",
  // "openid" tells the server that this client uses oidc for authentication
  scope: "openid email profile",
  // Enable automatic (silent) renewal of the access token
  automaticSilentRenew: true,
}

const userManager: UserManager = new UserManager(settings);

You can then trigger a login from your app using the command below:

userManager.signinRedirect().then();

And also a logout:

userManager.signoutRedirect().then();

To retrieve information about the User which is authenticated:

import { User } from "oidc-client-ts";

userManager.getUser().then((user: User) => {
  // The details about the user are in user.profile
});

To include a direct link to a signup button:

userManager.signinRedirect({
  extraQueryParams: {
    screen_hint: "signup",
  },
}).then();

Using Postman (alternative to Step 2)

First, you need to add the Redirect URL from Postman to your application in Veriam:

https://oauth.pstmn.io/v1/callback

Then in the Postman application you need to choose the Authorization of Type OAuth 2.0, with the following settings:

• Header Prefix: Bearer

• Token Name: <YOUR_TOKEN_NAME> (can be anything)

• Grant Type: Authorization Code (with PKCE)

• Authorize using Browser: (Selected)

• Callback URL: https://oauth.pstmn.io/v1/callback (this is pre-filled from selecting item above)

• Auth URL: https://idp.myveriam.com/oauth2/authorize

• Access Token URL: https://idp.myveriam.com/oauth2/token

• Client ID: <YOUR_CLIENT_ID>

• Client Secret: <YOUR_CLIENT_SECRET>

• Code Challenge Method: SHA-256

• State: <YOUR_STATE> (can be anything)

• Client Authentication: Send client credentials in body

Once those have been filled, click on Get New Access Token button and you should be redirected to login on Veriam and after a successful authentication you should be redirected to the Postman app with the access token for subsequent requests to the API.