Search

Skip to end of metadata
Go to start of metadata

Whilst our Wayfinder service is recommended you may prefer to write your own organisation discovery service. If you do, you'll need to know how to pass the relevant details to Keystone.

Once you have the relevant entityID for the user's organisation forward the user to:

https://connect.openathens.net/{domain}/{appId}/login?entity={encodedEntity}&target={encodedTarget}

The domain and appId parts of the address can be taken from your app's client ID (Configuration tab in the publisher dashboard) - they're the bits either side of the part that says ".oidc-app-v1." - e.g:

yourdomain.com.oidc-app-v1.ec5362c9-ac96-4bc0-b5c3-100508ea4957

The entityID and target parameters should be encoded to make them URL safe and are the entityID of the IdP and the address where you will handle the user on their return, getting them to the page they were trying to access.

E.g:

https://connect.openathens.net/yourdomain.com/ec5362c9-ac96-4bc0-b5c3-100508ea4957/login?entity=https%3A%2F%2Fidp.eng.nhs.uk%2Fopenathens&target=https%3A%2F%2Fwww.yourdomain.com%2Fdeeplink.php

  • No labels