Getting Started with Optare SSO
Welcome to the Optare SSO integration guide. This document will help you get up and running quickly.
Overview
Optare SSO is a standard OpenID Connect (OIDC) Identity Provider. It allows you to authenticate users and authorize access to your applications using a centralized identity.
Prerequisites
- Developer Account: You must have an account on the Optare Developer Console.
- Client Application: Create a new application in the console to obtain your client_id and client_secret.
- Redirect URI: Register the callback URL where your application will receive authentication responses (e.g., http://localhost:3000/api/auth/callback/optare).
Quick Start Steps
1. Configure Your Client
Ensure your application is registered with the correct Redirect URIs. If you are developing locally, remember to add your localhost URL.
2. Choose Your Integration Method
- Next.js (NextAuth.js): See the NextAuth Integration Guide.
- Generic OIDC Library: Use the OIDC Configuration Guide to configure any standard OIDC client (Passport.js, ASP.NET Core, Spring Security, etc.).
3. Implement the Flow
- Redirect the user to the Authorization Endpoint.
- Handle the callback to receive the code.
- Exchange the code for tokens at the Token Endpoint.
- (Optional) Fetch user details from the UserInfo Endpoint.
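The first three steps above, sketched for Node.js as an added example (not code from Optare). The endpoint URLs and client_id are placeholders, the function names are hypothetical, and the state and nonce handling is standard OIDC practice rather than anything this guide specifies.

```javascript
// Added example, not Optare's code. Endpoints and client_id are placeholders;
// take the real values from the Optare console and OIDC configuration.
const webcrypto = globalThis.crypto ?? require('node:crypto').webcrypto;

const config = {
  authorizationEndpoint: 'https://sso.example.invalid/authorize', // placeholder
  tokenEndpoint: 'https://sso.example.invalid/token',             // placeholder
  clientId: 'YOUR_CLIENT_ID',                                     // placeholder
  redirectUri: 'http://localhost:3000/api/auth/callback/optare',
};

const randomToken = () =>
  Buffer.from(webcrypto.getRandomValues(new Uint8Array(32))).toString('base64url');

// Step 1: build the redirect URL plus the values to store in the user's session.
// state ties the callback to this browser session; nonce must later match the
// nonce claim inside the returned ID token.
function buildAuthorizationRequest(cfg, scopes = ['openid']) {
  const session = { state: randomToken(), nonce: randomToken() };
  const url = new URL(cfg.authorizationEndpoint);
  url.search = new URLSearchParams({
    response_type: 'code', client_id: cfg.clientId, redirect_uri: cfg.redirectUri,
    scope: scopes.join(' '), state: session.state, nonce: session.nonce,
  }).toString();
  return { url: url.toString(), session };
}

// Step 2: validate the callback before using the code.
function handleCallback(callbackUrl, session) {
  const params = new URL(callbackUrl).searchParams;
  if (params.has('error')) throw new Error(`authorization failed: ${params.get('error')}`);
  if (!session || !session.state || params.get('state') !== session.state) {
    throw new Error('state mismatch: callback does not belong to this session');
  }
  const code = params.get('code');
  if (!code) throw new Error('callback carries no code');
  return code;
}

// Step 3: form body for the server-side POST to cfg.tokenEndpoint. The client
// authenticates on that request with client_id and client_secret, which never
// leave the server. redirect_uri must equal the one sent in step 1.
function buildTokenRequest(cfg, code) {
  return new URLSearchParams({
    grant_type: 'authorization_code', code, redirect_uri: cfg.redirectUri,
  });
}
```

After the token response arrives, verify the ID token's signature, issuer, audience, expiry and nonce before trusting any claim in it.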
Key Concepts
- Scopes: Control what information and access you request. Always start with openid.
- Organization Context: Optare is multi-tenant. Users authenticate in the context of an organization (organizationId claim).
- Licenses: You can check which products a user is licensed for using the licenses claim.
Next Steps
- Check out the API Reference for detailed endpoint documentation.
- Read about Custom Claims to leverage organization and license data.
- Review Troubleshooting if you run into issues.