UAEPass with OpenID Connect Directory Manager Plugin

Introduction

Using UAEPass with OpenID Connect Directory Manager is similar to other providers such as Okta or Google. This guide will walk you through setting up the UAEPass integration using the OpenID Connect Directory Manager Plugin.

Plugin information

• Plugin: OpenID Connect Directory Manager for UAEPass.
• Compatible with: Joget DX7 and later versions.
• Status: Released.

Get started

Prerequisites

UAE pass account

• Submission for approval
• Should have an account with UAE Pass
• UAE Pass mobile application

The above are the things a company needs to have in order to achieve the above flow. First, it needs to submit appropriate documents to the government for onboarding. Second, it needs to have the necessary information and even an account with UAE Pass. Finally, it needs to have the UAE Pass mobile application on its mobile device.

For this tutorial, we will use staging credentials and the staging app. Below is what you need to follow along:

• Endpoints
• Testing Credentials
• Staging Apps

Ensure you have these prerequisites in place before proceeding.

API domain/IP whitelist

You must whitelist the domains or IP addresses of your Joget application server to ensure successful operation. Here’s how to do it:

1. Go to Settings > General Settings in Joget.
2. Scroll down to find the API Domain/IP Whitelist section.

Fields to configure:

• API Domain Whitelist (Separated by ';'): Domain whitelist to allow API calls to Joget Workflow. Separated by semicolon.
  Example
  "localhost;www.joget.org;jogetdoc.int.joget.cloud”, or "*" to allow from everywhere.

  In a production environment, do not use "*".
  Doing so will allow anyone to call all JSON APIs from the Joget server.

• API IP Whitelist (Separated by ';'): IP address whitelist to allow API calls to Joget. Separated by semicolon.
  Example
  "localhost; 192.168.101.10; www.joget.org;jogetdoc.int.joget.cloud”, or "*" to allow from everywhere.

  In a production environment, do not use "*".
  Doing so will allow anyone to call all JSON APIs from the Joget server.

Licensed users

Ensure that the number of licensed users in Joget does not exceed the limit. The Single Sign-On (SSO) process will not work if you surpass the allowed number.

Where to get the plugin

You can download the plugin from Joget Marketplace - UAE Pass Directory Manager Plugin.

How to install

1. Download the plugin from the marketplace.
2. Go to Settings > Manage Plugins > Upload Plugin.
3. Upload the plugin as an admin user.

How to use it

1. Go to System Settings and select Directory Manager Settings.
2. Choose OpenID Connect Directory Manager - 7.0.0 from the dropdown menu.
   
3. Click Select, and the plugin configuration screen will appear. Now, you’ll fill in the plugin configurations.
   
4. If you’ve selected the UAEPass issuer in your OpenID connection, you can insert the required endpoints and the testing credentials you received earlier.
   
   You'll need to know the response types' supported scope and state, which is left blank. To find the scope, state, and response types supported, see Authorization Code.
   
   Below is the full URL (shown as an image). Copy the values for response_type, scope, and state (the highlighted ones).
   You’ll also need the Token endpoint for validation. Take this endpoint and fill in the Token Validation Endpoint field, and you’ll be set.
   
   Once you’ve completed everything, your form should look like the image below:
   
   

Configure openID connect directory manager properties

Fields to configure: 

• Issuer: UAEPass
• Authorization Token Endpoint: https://stg-id.uaepass.ae/idshub/authorize
• Token Endpoint: https://stg-id.uaepass.ae/idshub/token
• Token Validation: https://stg-id.uaepass.ae/idshub/introspect
• User Info Endpoint: https://stg-id.uaepass.ae/idshub/userinfo
• Response Type Supported: code
• Client ID: sandbox_stage
• Client Secret: sandbox_stage
• Scope: urn:uae:digitalid:profile:general
• State: HnlHOJTkTb66Y5H

Expected outcome

Once the configuration is successful, here’s the flow:

1. Click the login button.
2. You will be redirected to the OpenID Directory Manager with UAEPass login page.
   
   
   
3. After entering your ID, email, or phone number, you’ll receive a push notification on your UAEPass mobile app.
   
4. Once you confirm the push notification, you will be logged into Joget.

Download plugin

• UAE Pass Directory Manager Plugin