OpenID Connect Provider Manager (.NET)

Relativity supports OpenID Connect (OIDC) providers for authenticating to a Relativity instance during login. You can set scopes, claims, and other properties on an OIDC provider through the UI and the OIDC Provider Manager API. For more information, see Authentication on the RelativityOne documentation site.

The OIDC Provider Manager API provides the following functionality for programmatically working with providers:

  • CRUD operations on OIDC providers.
  • CRUD operations on group claim mappings.
  • CRUD operations on required claims.

Sample use cases for this API include the following:

  • Updating the trusted IPs on an OIDC provider.
  • Creating a new OIDC provider for users who are added during just-in-time provisioning.
  • Adding one or more required claims that a user must have to log in successfully.

You can also use the OIDC Provider Manager API through REST. For more information, see OpenID Connect Provider Manager (REST).

The Relativity.Identity.SDK contains this API. For compatibility and package installation instructions, see Download the SDKs and NuGet packages.

Fundamentals for the OIDC Provider API

Review the following information to learn about the methods and classes used by the OIDC Provider Manager API.

Create an OIDC provider

Use the CreateAsync() method to create a new OIDC provider. This method takes an OpenIDConnectProvider object as an argument and returns an OpenIDConnectProviderResponse object.

Retrieve an OIDC provider

Use the ReadAsync() method to retrieve an OIDC provider. This method takes the Artifact ID of an OIDC provider and returns an OpenIDConnectProviderResponse object.

Update an OIDC provider

Use the UpdateAsync() method to modify an OIDC provider. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • An updated OpenIDConnectProvider object

Delete an OIDC provider

Use the DeleteAsync() method to remove an OIDC provider from Relativity. This method takes the Artifact ID of an OIDC provider.

Create multiple group claim mappings for a provider

Use the MassCreateGroupClaimMappingsAsync() method to create multiple group claim mappings for an OIDC provider. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • A list of GroupClaimMapping objects

It returns a list of RelativityObjects.

Retrieve all group claim mappings for a provider

Use the ReadAllGroupClaimMappingsAsync() method to retrieve all group claim mappings for an OIDC provider. This method takes the Artifact ID of an OIDC provider, and it returns a list of GroupClaimMapping objects.

Retrieve a group claim mapping

Use the ReadGroupClaimMappingAsync() method to retrieve a group claim mapping. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • Artifact ID of a GroupClaimMapping object

It returns a GroupClaimMapping object.

Update a group claim mapping

Use the UpdateGroupClaimMappingAsync() method to update a group claim mapping. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • Artifact ID of a GroupClaimMapping object
  • An updated GroupClaimMapping object

Delete a group claim mapping

Use the DeleteGroupClaimMappingAsync() method to delete a group claim mapping. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • Artifact ID of a GroupClaimMapping object

Create multiple required claims for a provider

Use the MassCreateRequiredClaimsAsync() method to create multiple required claims for an OIDC provider. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • A list of RequiredClaim objects

It returns a list of RelativityObjects.

Retrieve all required claims for a provider

Use the ReadAllRequiredClaimsAsync() method to retrieve all required claims for an OIDC provider. This method takes the Artifact ID of an OIDC provider, and it returns a list of RequiredClaim objects.

Retrieve a required claim for a provider

Use the ReadRequiredClaimAsync() method to retrieve a required claim. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • Artifact ID of a RequiredClaim object

It returns a RequiredClaim object.

Update a required claim

Use the UpdateRequiredClaimAsync() method to modify a required claim. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • Artifact ID of a RequiredClaim object
  • An updated RequiredClaim object

Delete a required claim

Use the DeleteRequiredClaimAsync() method to remove a required claim from Relativity. This method takes the following arguments:

  • Artifact ID of an OIDC provider
  • Artifact ID of a RequiredClaim object