Information about compliant IDPs
You can integrate the
BlackBerry AppSecure SDK
into your app using any identity provider (IDP) over the internet as long as it is compliant with OpenID Connect
(https://openid.net/connect/). The following table lists a few examples of IDPs that are compatible and how to determine the discovery URLs and authorized client IDs:
Identity provider | Discovery URL | Authorized Client IDs |
|---|---|---|
Firebase | https://securetoken.google.com/ ${Project-ID} /.well-known/openid-configuration | ${Project-ID} The Project ID in Firebase. |
Okta | https:// ${yourOktaOrg} /.well-known/openid-configuration | One of your app's OAuth 2.0 client IDs registered with Okta. |
Google | https://account.google.com/.well-known/openid-configuration | In your app's Google-Services.json file, use the value at 'client > oauth_client > client_id'. |
If you don't have access to your IDP to determine the discovery URL or authorized client ID, but you do have a JWT Identity token, you can use a third-party token inspection tool to examine the token (for example, https://jwt.io).
- 'iss' is the token issuer which you can use to determine the discovery URL by adding/.well-known/openid-configuration
- 'aud' is the intended audience of the token and is the Authorized Client ID.