...

We will send you a link that you can use to verify that the configuration is working correctly. This will trigger the login process by redirecting you from Talentech ID to your identity provider. Once you sign in, you’ll be redirected back to Talentech ID where you’ll be shown a test report (see screenshot 1).

If the test report indicates that everything works correctly, we can safely enable the SSO login option for all your users. This can be done at a time that suits you.

...

Provider specific guides

...

Azure AD Generic OIDC Setup Guide

Okta OIDC Setup Guide

Frequently asked questions

...

Question:

Which OIDC flows are you currently supporting?

...

  • Authorization Code + PKCE (strongly recommended)

  • Implicit flow

Question:

Which claims are required?

Answer:

We need the email address and a unique external identifier for the user. Full name and external tenant ID are also recommended.

|  | Supported claim name | Description |
| --- | --- | --- |
| External user id (required) | sub, http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier | This value must be unique for each user in your organization and should never change. |
| Email (required) | email, preferred_username, upn, http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress | The email address of the user. This will be used to match the user against the Talentech ID user account on first login. |
| Full name | name, http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name | The user’s full name. |
| External tenant id | tid | If you are using Azure AD or some other multi-tenant IDP, you can provide that ID here. |
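
A pre-flight check of an ID token against the claim table above, as an added example that is not Talentech's code. It assumes the first listed claim name that is present wins (the page does not state a precedence), treats a value without "@" as not being an email address, and uses a constructed, unsigned sample token. The payload is decoded without signature verification, so use it only to inspect a token from your own test login.

```python
import base64
import json

NS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"
# Claim names from the table above; trying them in this order is an assumption.
CLAIM_ALIASES = {
    "external_user_id": ["sub", NS + "nameidentifier"],
    "email": ["email", "preferred_username", "upn", NS + "emailaddress"],
    "full_name": ["name", NS + "name"],
    "external_tenant_id": ["tid"],
}
REQUIRED = ("external_user_id", "email")


def decode_payload(id_token):
    """Return the claims of a compact JWT WITHOUT verifying it (inspection only)."""
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact JWT (expected 3 dot-separated parts)")
    padded = parts[1] + "=" * (-len(parts[1]) % 4)  # restore stripped padding
    return json.loads(base64.urlsafe_b64decode(padded))


def check_claims(claims):
    """Map claims to the table's fields and list problems with required ones."""
    resolved, problems = {}, []
    for field, names in CLAIM_ALIASES.items():
        for name in names:
            value = claims.get(name)
            if isinstance(value, str) and value.strip():
                resolved[field] = (name, value)
                break
        else:  # no alias carried a usable value
            if field in REQUIRED:
                problems.append(f"missing required claim for {field}: one of {names}")
    email = resolved.get("email")
    if email and "@" not in email[1]:  # heuristic: username-style value
        problems.append(f"{email[0]} is not an email address: {email[1]!r}")
    return resolved, problems


def constructed_token(claims):
    """Build an unsigned sample token (constructed for this example)."""
    enc = lambda o: base64.urlsafe_b64encode(json.dumps(o).encode()).rstrip(b"=").decode()
    return f"{enc({'alg': 'none'})}.{enc(claims)}."


if __name__ == "__main__":
    sample = {"sub": "00u1abcd", "preferred_username": "jdoe", "name": "J Doe"}
    print(check_claims(decode_payload(constructed_token(sample))))
```

The sample token is flagged because its only email-type claim, preferred_username, carries a login name rather than an address, which would not match a user account by email on first login.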