6 Setting up an external identity provider

You can configure MyID to set up an external OpenID Connect identity provider (for example, Microsoft Entra or Google) to provide authentication to the MyID Operator Client or any other system that uses the MyID web.oauth2 authentication service.

You can then select the external identity provider from the MyID Authentication screen in the MyID Operator Client:

Or in the Self-Service App:

Or in the MyID Client for Mac:

Or in the MyID Client for Windows:

Note: You cannot use external identity providers for MyID Desktop; you can use them only for the MyID Operator Client, the Self-Service App, the MyID Client for Mac, the MyID Client for Windows, or other systems that you have configured to use the MyID web.oauth2 authentication service.

You can configure MyID to add new users from your external identity provider, to accept users only if they already exist in MyID, or to update existing users with details from the external identity provider. You can map the information available as claims from the external identity providers to MyID user attributes.

Note: You can increase the size of the MyID Authentication pop-up window if required. See the Changing the size of the authentication pop-up window section in the MyID Operator Client guide.

You can:

Configure Microsoft Entra as an external identity provider.

See section 6.1, Configuring Microsoft Entra.
Configure any OpenID Connect system as an external identity provider.

See section 6.2, Configuring OpenID Connect.
Configure other types of external identity provider.

See section 6.3, Configuring other types of identity provider.
Map attributes from the external identity provider to MyID attributes.

See section 6.4, Mapping attributes.
Configure your self-service applications to use the external identity provider.

See section 6.5, Using external identity providers for the self-service applications.